Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Svchost Problem


  • Please log in to reply
6 replies to this topic

#1 tupat

tupat

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:07:41 PM

Posted 05 January 2007 - 07:25 PM

Please can anyone help. I have the svchost.exe problem which uses most of your memory. Also the wuaclt.exe uses alot of memory. Anways can anyone please help.

I have scanned the computer in safe mode with both anti virus and spyware software but nothing was detected.

Here is the HJT Log:

Logfile of HijackThis v1.99.1
Scan saved at 12:19:50 AM, on 1/6/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Mixer.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\JoyTechEurope\JOYTECHUSBNeoSController\JoytechNeoSTrayIcon.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wuauclt.exe
C:\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [JOYTECH USB Neo S Controller] C:\Program Files\JoyTechEurope\JOYTECHUSBNeoSController\JoytechNeoSTrayIcon.exe
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [kav] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe"
O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_03\bin\npjpi150_03.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_03\bin\npjpi150_03.dll
O9 - Extra button: Web Anti-Virus - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by106fd.bay106.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1166548926780
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1166549908092
O16 - DPF: {CD995117-98E5-4169-9920-6C12D4C0B548} (HGPlugin9USA Class) - http://gamedownload.ijjimax.com/gamedownlo...GPlugin9USA.cab
O20 - Winlogon Notify: klogon - C:\WINDOWS\system32\klogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Kaspersky Anti-Virus 6.0 (AVP) - Unknown owner - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe" -r (file missing)
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe



Thanks for help :thumbsup:

Edited by tupat, 05 January 2007 - 07:48 PM.


BC AdBot (Login to Remove)

 


#2 tupat

tupat
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:07:41 PM

Posted 07 January 2007 - 03:05 PM

Can anyone help please?

#3 OldTimer

OldTimer

    Malware Expert


  • Members
  • 11,092 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:North Carolina
  • Local time:08:41 PM

Posted 10 January 2007 - 06:24 PM

Hello tupat and welcome to the BC HijackThis forum. I see no signs of viruses or malware in the log. It is clean.

Both svchost and wuauclt are Microsoft processes. Svchost runs various services and it is normal for there to be more than 1 svchost process running with various services underneath it. The wuauclt process is for Windows Automatic Updates and if this service is enabled it continually checks for updates through the internet.

Let's see what's actually running.

Download WinPFind3U.exe to your Desktop and double-click on it to extract the files. It will create a folder named WinPFind3u on your desktop.
  • Open the WinPFind3u folder and double-click on WinPFind3U.exe to start the program.
    • In the Processes group select All
    • In the Win32 Services group select All
  • Now click the Run Scan button on the toolbar.
  • When the scan is complete Notepad will open with the report file loaded in it.
  • Click the Format menu and make sure that Wordwrap is not checked. If it is then click on it to uncheck it.
Use the Add Reply button and Copy/Paste the information back here. I will review it when it comes in. If, after posting, the last line is not < End of Report > then the log is too big to fit into a single post and you will need to split it into multiple posts.

Cheers.

OT
I do not respond to PM's requesting help. That's what the forums are here for. Please use them so that others may benefit from your questions and the responses you receive.
OldTimer

Posted Image

#4 tupat

tupat
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:07:41 PM

Posted 11 January 2007 - 08:08 AM

Ok heres is the scanned notepad. Thanks alot for helping out.

WinPFind3 logfile created on: 1/11/2007 12:49:14 PM
WinPFind3U by OldTimer - Version 1.0.9 Folder = C:\Documents and Settings\Tupat\Desktop\WinPFind3u\
Microsoft Windows XP Service Pack 2 (Version = 5.1.2600)
Internet Explorer (Version = 6.0.2900.2180)

785904 Kb Total Physical Memory | 394196 Kb Available Physical Memory | 50.16% Memory free
1922840 Kb Paging File | 1556656 Kb Available in Paging File | 80.96% Paging File free
Paging file location(s): C:\pagefile.sys 1152 2304;

%SystemDrive% = C: | %ProgramFiles% = C:\Program Files
Drive C: | 40138368 Kb Total Space | 2001152 Kb Free Space | 4.99% Space Free
Drive D: | 199133672 Kb Total Space | 62926020 Kb Free Space | 31.60% Space Free
E: Drive not present or media not loaded
F: Drive not present or media not loaded


[Processes - All]
smss.exe -> %System32%\smss.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 50688 bytes | Modified Date = 8/4/2004 7:56:56 AM | Attr = ]
csrss.exe -> %System32%\csrss.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 6144 bytes | Modified Date = 8/4/2004 7:56:48 AM | Attr = ]
winlogon.exe -> %System32%\winlogon.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 502272 bytes | Modified Date = 8/4/2004 7:56:58 AM | Attr = ]
services.exe -> %System32%\services.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 108032 bytes | Modified Date = 8/4/2004 7:56:56 AM | Attr = ]
lsass.exe -> %System32%\lsass.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 13312 bytes | Modified Date = 8/4/2004 7:56:50 AM | Attr = ]
svchost.exe -> %System32%\svchost.exe [C:\WINDOWS\SYSTEM32\SVCHOST -K DCOMLAUNCH] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 7:56:58 AM | Attr = ]
-> %System32%\rpcss.dll [DcomLaunch] -> Microsoft Corporation [Ver = 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528) | Size = 397824 bytes | Modified Date = 7/26/2005 4:39:50 AM | Attr = ]
-> %System32%\termsrv.dll [TermService] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 295424 bytes | Modified Date = 8/4/2004 7:56:46 AM | Attr = ]
-> %System32%\termsrv.dll [TermService] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 295424 bytes | Modified Date = 8/4/2004 7:56:46 AM | Attr = ]
-> %System32%\termsrv.dll [TermService] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 295424 bytes | Modified Date = 8/4/2004 7:56:46 AM | Attr = ]
-> [Wmi] -> File not found
svchost.exe -> %System32%\svchost.exe [C:\WINDOWS\SYSTEM32\SVCHOST -K RPCSS] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 7:56:58 AM | Attr = ]
-> %System32%\rpcss.dll [RpcSs] -> Microsoft Corporation [Ver = 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528) | Size = 397824 bytes | Modified Date = 7/26/2005 4:39:50 AM | Attr = ]
-> [Wmi] -> File not found
svchost.exe -> %System32%\svchost.exe [C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 7:56:58 AM | Attr = ]
-> %System32%\appmgmts.dll [AppMgmt] -> File not found
-> %System32%\audiosrv.dll [AudioSrv] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 42496 bytes | Modified Date = 8/4/2004 7:56:42 AM | Attr = ]
-> %System32%\qmgr.dll [BITS] -> Microsoft Corporation [Ver = 6.6.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 382464 bytes | Modified Date = 8/4/2004 7:56:44 AM | Attr = ]
-> %System32%\browser.dll [Browser] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 77312 bytes | Modified Date = 8/4/2004 7:56:42 AM | Attr = ]
-> %System32%\cryptsvc.dll [CryptSvc] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 60416 bytes | Modified Date = 8/4/2004 7:56:42 AM | Attr = ]
-> %System32%\dhcpcsvc.dll [Dhcp] -> Microsoft Corporation [Ver = 5.1.2600.2912 (xpsp_sp2_gdr.060519-0003) | Size = 111616 bytes | Modified Date = 5/19/2006 12:59:42 PM | Attr = ]
-> %System32%\dmserver.dll [dmserver] -> Microsoft Corp. [Ver = 2600.2180.503.0 | Size = 23552 bytes | Modified Date = 8/4/2004 7:56:42 AM | Attr = ]
-> %System32%\ersvc.dll [ERSvc] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 23040 bytes | Modified Date = 8/4/2004 7:56:42 AM | Attr = ]
-> %System32%\es.dll [EventSystem] -> Microsoft Corporation [Ver = 2001.12.4414.308 | Size = 243200 bytes | Modified Date = 7/26/2005 4:39:46 AM | Attr = ]
-> %System32%\shsvcs.dll [FastUserSwitchingCompatibility] -> Microsoft Corporation [Ver = 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158) | Size = 134656 bytes | Modified Date = 8/4/2004 7:56:46 AM | Attr = ]
-> %WINDIR%\PCHealth\HelpCtr\Binaries\pchsvc.dll [helpsvc] -> File not found
-> %System32%\hidserv.dll [HidServ] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 21504 bytes | Modified Date = 8/4/2004 7:56:42 AM | Attr = ]
-> %System32%\srvsvc.dll [lanmanserver] -> Microsoft Corporation [Ver = 5.1.2600.2577 (xpsp_sp2_gdr.041130-1729) | Size = 96768 bytes | Modified Date = 12/7/2004 7:32:34 PM | Attr = ]
-> %System32%\wkssvc.dll [lanmanworkstation] -> Microsoft Corporation [Ver = 5.1.2600.2976 (xpsp_sp2_gdr.060817-0106) | Size = 132096 bytes | Modified Date = 8/17/2006 12:28:28 PM | Attr = ]
-> %System32%\msgsvc.dll [Messenger] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 33792 bytes | Modified Date = 8/4/2004 7:56:44 AM | Attr = ]
-> %System32%\netman.dll [Netman] -> Microsoft Corporation [Ver = 5.1.2600.2743 (xpsp_sp2_gdr.050819-1525) | Size = 197632 bytes | Modified Date = 8/22/2005 6:29:46 PM | Attr = ]
-> %System32%\mswsock.dll [Nla] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 245248 bytes | Modified Date = 8/4/2004 7:56:44 AM | Attr = ]
-> %System32%\ntmssvc.dll [NtmsSvc] -> Microsoft Corporation [Ver = 5.1.2400.2180 | Size = 435200 bytes | Modified Date = 8/4/2004 7:56:44 AM | Attr = ]
-> %System32%\rasauto.dll [RasAuto] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 89088 bytes | Modified Date = 8/4/2004 7:56:44 AM | Attr = ]
-> %System32%\rasmans.dll [RasMan] -> Microsoft Corporation [Ver = 5.1.2600.2936 (xpsp_sp2_gdr.060621-2347) | Size = 181248 bytes | Modified Date = 6/22/2006 10:47:18 AM | Attr = ]
-> %System32%\mprdim.dll [RemoteAccess] -> Microsoft Corporation [Ver = 5.1.2600.0 (xpclient.010817-1148) | Size = 49152 bytes | Modified Date = 8/18/2001 12:00:00 PM | Attr = ]
-> %System32%\schedsvc.dll [Schedule] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 190976 bytes | Modified Date = 8/4/2004 7:56:44 AM | Attr = ]
-> %System32%\seclogon.dll [seclogon] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 18944 bytes | Modified Date = 8/4/2004 7:56:44 AM | Attr = ]
-> %System32%\sens.dll [SENS] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 38912 bytes | Modified Date = 8/4/2004 7:56:44 AM | Attr = ]
-> %System32%\ipnathlp.dll [SharedAccess] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 331264 bytes | Modified Date = 8/4/2004 7:56:42 AM | Attr = ]
-> %System32%\shsvcs.dll [ShellHWDetection] -> Microsoft Corporation [Ver = 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158) | Size = 134656 bytes | Modified Date = 8/4/2004 7:56:46 AM | Attr = ]
-> %System32%\srsvc.dll [srservice] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 170496 bytes | Modified Date = 8/4/2004 7:56:46 AM | Attr = ]
-> %System32%\tapisrv.dll [TapiSrv] -> Microsoft Corporation [Ver = 5.1.2600.2716 (xpsp_sp2_gdr.050707-1657) | Size = 249344 bytes | Modified Date = 7/8/2005 4:27:56 PM | Attr = ]
-> %System32%\shsvcs.dll [Themes] -> Microsoft Corporation [Ver = 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158) | Size = 134656 bytes | Modified Date = 8/4/2004 7:56:46 AM | Attr = ]
-> %System32%\trkwks.dll [TrkWks] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 90624 bytes | Modified Date = 8/4/2004 7:56:46 AM | Attr = ]
-> %System32%\w32time.dll [W32Time] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 174592 bytes | Modified Date = 8/4/2004 7:56:46 AM | Attr = ]
-> %System32%\wbem\WMIsvc.dll [winmgmt] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 144896 bytes | Modified Date = 8/4/2004 7:56:46 AM | Attr = ]
-> %System32%\MsPMSNSv.dll [WmdmPmSN] -> Microsoft Corporation [Ver = 11.0.5721.5145 | Size = 27136 bytes | Modified Date = 10/18/2006 9:47:16 PM | Attr = ]
-> %System32%\wscsvc.dll [wscsvc] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 81408 bytes | Modified Date = 8/4/2004 7:56:46 AM | Attr = ]
-> %System32%\wuauserv.dll [wuauserv] -> Microsoft Corporation [Ver = 5.4.3790.2180 (xpsp_sp2_rtm.040803-2158) | Size = 6656 bytes | Modified Date = 8/4/2004 7:56:46 AM | Attr = ]
-> %System32%\wzcsvc.dll [WZCSVC] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 359936 bytes | Modified Date = 8/4/2004 7:56:46 AM | Attr = ]
-> %System32%\xmlprov.dll [xmlprov] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 129536 bytes | Modified Date = 8/4/2004 7:56:46 AM | Attr = ]
-> [Wmi] -> File not found
svchost.exe -> %System32%\svchost.exe [C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETWORKSERVICE] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 7:56:58 AM | Attr = ]
-> %System32%\dnsrslvr.dll [Dnscache] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 45568 bytes | Modified Date = 8/4/2004 7:56:42 AM | Attr = ]
-> [Wmi] -> File not found
svchost.exe -> %System32%\svchost.exe [C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K LOCALSERVICE] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 7:56:58 AM | Attr = ]
-> %System32%\alrsvc.dll [Alerter] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 17408 bytes | Modified Date = 8/4/2004 7:56:42 AM | Attr = ]
-> %System32%\lmhsvc.dll [LmHosts] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 13824 bytes | Modified Date = 8/4/2004 7:56:42 AM | Attr = ]
-> %System32%\ssdpsrv.dll [SSDPSRV] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 71680 bytes | Modified Date = 8/4/2004 7:56:46 AM | Attr = ]
-> %System32%\upnphost.dll [upnphost] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 185344 bytes | Modified Date = 8/4/2004 7:56:46 AM | Attr = ]
-> %System32%\webclnt.dll [WebClient] -> Microsoft Corporation [Ver = 5.1.2600.2821 (xpsp_sp2_gdr.060103-1536) | Size = 68096 bytes | Modified Date = 1/4/2006 3:35:06 AM | Attr = ]
-> [Wmi] -> File not found
explorer.exe -> %SystemRoot%\explorer.exe -> Microsoft Corporation [Ver = 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158) | Size = 1032192 bytes | Modified Date = 8/4/2004 7:56:50 AM | Attr = ]
spoolsv.exe -> %System32%\spoolsv.exe -> Microsoft Corporation [Ver = 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519) | Size = 57856 bytes | Modified Date = 6/10/2005 11:53:32 PM | Attr = ]
guard.exe -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\guard.exe -> Anti-Malware Development a.s. [Ver = 7, 5, 0, 47 | Size = 204800 bytes | Modified Date = 9/28/2006 2:13:20 PM | Attr = ]
nvsvc32.exe -> %System32%\nvsvc32.exe -> NVIDIA Corporation [Ver = 6.14.10.5655 | Size = 77824 bytes | Modified Date = 12/16/2001 5:55:08 PM | Attr = R ]
vsmon.exe -> %System32%\ZoneLabs\vsmon.exe -> Zone Labs, LLC [Ver = 6.0.631.002 | Size = 1672976 bytes | Modified Date = 7/17/2005 11:20:28 PM | Attr = ]
mixer.exe -> %SystemRoot%\mixer.exe -> C-Media Electronic Inc. (www.cmedia.com.tw) [Ver = 1.55 | Size = 1581056 bytes | Modified Date = 7/12/2002 4:33:12 PM | Attr = ]
zlclient.exe -> %ProgramFiles%\Zone Labs\ZoneAlarm\zlclient.exe -> Zone Labs, LLC [Ver = 6.0.631.002 | Size = 980752 bytes | Modified Date = 7/17/2005 11:21:16 PM | Attr = ]
qttask.exe -> %ProgramFiles%\QuickTime\qttask.exe -> Apple Computer, Inc. [Ver = 7.1.5a38 | Size = 282624 bytes | Modified Date = 12/19/2006 6:00:14 PM | Attr = ]
joytechneostrayicon.exe -> %ProgramFiles%\JoyTechEurope\JOYTECHUSBNeoSController\JoytechNeoSTrayIcon.exe -> JOYTECH Europe Ltd. All rights reserved. [Ver = 2.01.0000 | Size = 233472 bytes | Modified Date = 6/3/2005 8:47:42 PM | Attr = ]
daemon.exe -> %ProgramFiles%\DAEMON Tools\daemon.exe -> DT Soft Ltd. [Ver = 4.08.0.0 | Size = 157592 bytes | Modified Date = 11/12/2006 10:48:48 AM | Attr = ]
jusched.exe -> %ProgramFiles%\Java\jre1.5.0_03\bin\jusched.exe -> Sun Microsystems, Inc. [Ver = 5.0.30.7 | Size = 36975 bytes | Modified Date = 4/13/2005 3:48:52 AM | Attr = ]
avgas.exe -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\avgas.exe -> Anti-Malware Development a.s. [Ver = 7, 5, 0, 50 | Size = 6266880 bytes | Modified Date = 10/7/2006 12:20:00 PM | Attr = ]
nmbgmonitor.exe -> %CommonProgramFiles%\Ahead\Lib\NMBgMonitor.exe -> Nero AG [Ver = 1, 5, 3, 0 | Size = 139264 bytes | Modified Date = 11/16/2006 7:04:20 PM | Attr = ]
ctfmon.exe -> %System32%\ctfmon.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 15360 bytes | Modified Date = 8/4/2004 7:56:48 AM | Attr = ]
nmindexstoresvr.exe -> %CommonProgramFiles%\Ahead\Lib\NMIndexStoreSvr.exe -> Nero AG [Ver = 1, 5, 3, 0 | Size = 884736 bytes | Modified Date = 11/16/2006 6:58:32 PM | Attr = ]
iexplore.exe -> %ProgramFiles%\Internet Explorer\iexplore.exe -> Microsoft Corporation [Ver = 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158) | Size = 93184 bytes | Modified Date = 8/4/2004 7:56:50 AM | Attr = ]
alg.exe -> %System32%\alg.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 44544 bytes | Modified Date = 8/4/2004 7:56:48 AM | Attr = ]
wuauclt.exe -> %System32%\wuauclt.exe -> Microsoft Corporation [Ver = 5.8.0.2469 built by: lab01_n(wmbla) | Size = 124184 bytes | Modified Date = 5/26/2005 4:16:30 AM | Attr = ]
winpfind3u.exe -> %UserDesktop%\WinPFind3u\WinPFind3U.exe -> Oldtimer Tools [Ver = 1.0.9.0 | Size = 306176 bytes | Modified Date = 1/6/2007 2:14:24 PM | Attr = ]

[Win32 Services - All]
(Alerter) Alerter [Win32_Shared | Disabled | Stopped] -> %System32%\svchost.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 7:56:58 AM | Attr = ]
(ALG) Application Layer Gateway Service [Win32_Own | On_Demand | Running] -> %System32%\alg.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 44544 bytes | Modified Date = 8/4/2004 7:56:48 AM | Attr = ]
(AppMgmt) Application Management [Win32_Shared | On_Demand | Stopped] -> %System32%\svchost.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 7:56:58 AM | Attr = ]
(AudioSrv) Windows Audio [Win32_Shared | Auto | Running] -> %System32%\svchost.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 7:56:58 AM | Attr = ]
(AVG Anti-Spyware Guard) AVG Anti-Spyware Guard [Win32_Own | Auto | Running] -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\guard.exe -> Anti-Malware Development a.s. [Ver = 7, 5, 0, 47 | Size = 204800 bytes | Modified Date = 9/28/2006 2:13:20 PM | Attr = ]
(AVP) Kaspersky Anti-Virus 6.0 [Win32_Own | Auto | Stopped] -> %ProgramFiles%\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe -> Kaspersky Lab [Ver = 6.0.0.299 | Size = 139367 bytes | Modified Date = 3/24/2006 7:09:22 PM | Attr = ]
(BITS) Background Intelligent Transfer Service [Win32_Shared | On_Demand | Stopped] -> %System32%\svchost.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 7:56:58 AM | Attr = ]
(Browser) Computer Browser [Win32_Shared | Auto | Running] -> %System32%\svchost.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 7:56:58 AM | Attr = ]
(cisvc) Indexing Service [Win32_Shared | On_Demand | Stopped] -> %System32%\cisvc.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 5632 bytes | Modified Date = 8/4/2004 7:56:48 AM | Attr = ]
(ClipSrv) ClipBook [Win32_Own | Disabled | Stopped] -> %System32%\clipsrv.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 33280 bytes | Modified Date = 8/4/2004 7:56:48 AM | Attr = ]
(COMSysApp) COM+ System Application [Win32_Own | On_Demand | Stopped] -> %System32%\dllhost.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 5120 bytes | Modified Date = 8/4/2004 7:56:48 AM | Attr = ]
(CryptSvc) Cryptographic Services [Win32_Shared | Auto | Running] -> %System32%\svchost.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 7:56:58 AM | Attr = ]
(DcomLaunch) DCOM Server Process Launcher [Win32_Shared | Auto | Running] -> %System32%\svchost.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 7:56:58 AM | Attr = ]
(Dhcp) DHCP Client [Win32_Shared | Auto | Running] -> %System32%\svchost.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 7:56:58 AM | Attr = ]
(dmadmin) Logical Disk Manager Administrative Service [Win32_Shared | On_Demand | Stopped] -> %System32%\dmadmin.exe -> Microsoft Corp., Veritas Software [Ver = 2600.2180.503.0 | Size = 224768 bytes | Modified Date = 8/4/2004 7:56:48 AM | Attr = ]
(dmserver) Logical Disk Manager [Win32_Shared | On_Demand | Stopped] -> %System32%\svchost.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 7:56:58 AM | Attr = ]
(Dnscache) DNS Client [Win32_Shared | Auto | Running] -> %System32%\svchost.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 7:56:58 AM | Attr = ]
(ERSvc) Error Reporting Service [Win32_Shared | Auto | Running] -> %System32%\svchost.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 7:56:58 AM | Attr = ]
(Eventlog) Event Log [Win32_Shared | Auto | Running] -> %System32%\services.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 108032 bytes | Modified Date = 8/4/2004 7:56:56 AM | Attr = ]
(EventSystem) COM+ Event System [Win32_Shared | On_Demand | Running] -> %System32%\svchost.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 7:56:58 AM | Attr = ]
(FastUserSwitchingCompatibility) Fast User Switching Compatibility [Win32_Shared | On_Demand | Running] -> %System32%\svchost.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 7:56:58 AM | Attr = ]
(helpsvc) Help and Support [Win32_Shared | Auto | Running] -> %System32%\svchost.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 7:56:58 AM | Attr = ]
(HidServ) HID Input Service [Win32_Shared | Auto | Running] -> %System32%\svchost.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 7:56:58 AM | Attr = ]
(HTTPFilter) HTTP SSL [Win32_Shared | On_Demand | Stopped] -> %System32%\svchost.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 7:56:58 AM | Attr = ]
(ImapiService) IMAPI CD-Burning COM Service [Win32_Own | On_Demand | Stopped] -> %System32%\imapi.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 150016 bytes | Modified Date = 8/4/2004 7:56:50 AM | Attr = ]
(lanmanserver) Server [Win32_Shared | Auto | Running] -> %System32%\svchost.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 7:56:58 AM | Attr = ]
(lanmanworkstation) Workstation [Win32_Shared | Auto | Running] -> %System32%\svchost.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 7:56:58 AM | Attr = ]
(LmHosts) TCP/IP NetBIOS Helper [Win32_Shared | Auto | Running] -> %System32%\svchost.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 7:56:58 AM | Attr = ]
(Messenger) Messenger [Win32_Shared | Disabled | Stopped] -> %System32%\svchost.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 7:56:58 AM | Attr = ]
(mnmsrvc) NetMeeting Remote Desktop Sharing [Win32_Own | On_Demand | Stopped] -> %System32%\mnmsrvc.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 | Size = 32768 bytes | Modified Date = 8/4/2004 7:56:52 AM | Attr = ]
(MSDTC) Distributed Transaction Coordinator [Win32_Own | On_Demand | Stopped] -> %System32%\msdtc.exe -> Microsoft Corporation [Ver = 2001.12.4414.258 | Size = 6144 bytes | Modified Date = 8/4/2004 7:56:54 AM | Attr = ]
(MSIServer) Windows Installer [Win32_Shared | On_Demand | Stopped] -> %System32%\msiexec.exe -> Microsoft Corporation [Ver = 3.1.4000.1823 | Size = 78848 bytes | Modified Date = 5/4/2005 2:45:36 PM | Attr = ]
(NBService) NBService [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\Nero\Nero 7\Nero BackItUp\NBService.exe -> Nero AG [Ver = 2, 7, 2, 0 | Size = 774144 bytes | Modified Date = 11/10/2006 7:18:02 PM | Attr = ]
(NetDDE) Network DDE [Win32_Shared | Disabled | Stopped] -> %System32%\netdde.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 111104 bytes | Modified Date = 8/4/2004 7:56:54 AM | Attr = ]
(NetDDEdsdm) Network DDE DSDM [Win32_Shared | Disabled | Stopped] -> %System32%\netdde.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 111104 bytes | Modified Date = 8/4/2004 7:56:54 AM | Attr = ]
(Netlogon) Net Logon [Win32_Shared | On_Demand | Stopped] -> %System32%\lsass.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 13312 bytes | Modified Date = 8/4/2004 7:56:50 AM | Attr = ]
(Netman) Network Connections [Win32_Shared | On_Demand | Running] -> %System32%\svchost.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 7:56:58 AM | Attr = ]
(Nla) Network Location Awareness (NLA) [Win32_Shared | On_Demand | Running] -> %System32%\svchost.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 7:56:58 AM | Attr = ]
(NtLmSsp) NT LM Security Support Provider [Win32_Shared | On_Demand | Stopped] -> %System32%\lsass.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 13312 bytes | Modified Date = 8/4/2004 7:56:50 AM | Attr = ]
(NtmsSvc) Removable Storage [Win32_Shared | On_Demand | Stopped] -> %System32%\svchost.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 7:56:58 AM | Attr = ]
(NVSvc) NVIDIA Display Driver Service [Win32_Own | Auto | Running] -> %System32%\nvsvc32.exe -> NVIDIA Corporation [Ver = 6.14.10.5655 | Size = 77824 bytes | Modified Date = 12/16/2001 5:55:08 PM | Attr = R ]
(ose) Office Source Engine [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\Microsoft Shared\Source Engine\OSE.EXE -> Microsoft Corporation [Ver = 11.0.5525 | Size = 89136 bytes | Modified Date = 7/28/2003 12:28:22 PM | Attr = ]
(PlugPlay) Plug and Play [Win32_Shared | Auto | Running] -> %System32%\services.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 108032 bytes | Modified Date = 8/4/2004 7:56:56 AM | Attr = ]
(PolicyAgent) IPSEC Services [Win32_Shared | Auto | Running] -> %System32%\lsass.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 13312 bytes | Modified Date = 8/4/2004 7:56:50 AM | Attr = ]
(ProtectedStorage) Protected Storage [Win32_Shared | Auto | Running] -> %System32%\lsass.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 13312 bytes | Modified Date = 8/4/2004 7:56:50 AM | Attr = ]
(RasAuto) Remote Access Auto Connection Manager [Win32_Shared | On_Demand | Stopped] -> %System32%\svchost.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 7:56:58 AM | Attr = ]
(RasMan) Remote Access Connection Manager [Win32_Shared | On_Demand | Stopped] -> %System32%\svchost.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 7:56:58 AM | Attr = ]
(RDSessMgr) Remote Desktop Help Session Manager [Win32_Own | On_Demand | Stopped] -> %System32%\sessmgr.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 140800 bytes | Modified Date = 8/4/2004 7:56:56 AM | Attr = ]
(RemoteAccess) Routing and Remote Access [Win32_Shared | Disabled | Stopped] -> %System32%\svchost.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 7:56:58 AM | Attr = ]
(RpcLocator) Remote Procedure Call (RPC) Locator [Win32_Own | On_Demand | Stopped] -> %System32%\locator.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 75264 bytes | Modified Date = 8/4/2004 7:56:50 AM | Attr = ]
(RpcSs) Remote Procedure Call (RPC) [Win32_Shared | Auto | Running] -> %System32%\svchost.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 7:56:58 AM | Attr = ]
(RSVP) QoS RSVP [Win32_Own | On_Demand | Stopped] -> %System32%\rsvp.exe -> Microsoft Corporation [Ver = 5.1.2600.0 (xpclient.010817-1148) | Size = 132608 bytes | Modified Date = 8/18/2001 12:00:00 PM | Attr = ]
(SamSs) Security Accounts Manager [Win32_Shared | Auto | Running] -> %System32%\lsass.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 13312 bytes | Modified Date = 8/4/2004 7:56:50 AM | Attr = ]
(SCardSvr) Smart Card [Win32_Shared | On_Demand | Stopped] -> %System32%\scardsvr.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 95744 bytes | Modified Date = 8/4/2004 7:56:56 AM | Attr = ]
(Schedule) Task Scheduler [Win32_Shared | Auto | Running] -> %System32%\svchost.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 7:56:58 AM | Attr = ]
(seclogon) Secondary Logon [Win32_Shared | Auto | Running] -> %System32%\svchost.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 7:56:58 AM | Attr = ]
(SENS) System Event Notification [Win32_Shared | Auto | Running] -> %System32%\svchost.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 7:56:58 AM | Attr = ]
(SharedAccess) Windows Firewall/Internet Connection Sharing (ICS) [Win32_Shared | Auto | Running] -> %System32%\svchost.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 7:56:58 AM | Attr = ]
(ShellHWDetection) Shell Hardware Detection [Win32_Shared | Auto | Running] -> %System32%\svchost.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 7:56:58 AM | Attr = ]
(Spooler) Print Spooler [Win32_Own | Auto | Running] -> %System32%\spoolsv.exe -> Microsoft Corporation [Ver = 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519) | Size = 57856 bytes | Modified Date = 6/10/2005 11:53:32 PM | Attr = ]
(srservice) System Restore Service [Win32_Shared | Auto | Running] -> %System32%\svchost.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 7:56:58 AM | Attr = ]
(SSDPSRV) SSDP Discovery Service [Win32_Shared | On_Demand | Running] -> %System32%\svchost.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 7:56:58 AM | Attr = ]
(stisvc) Windows Image Acquisition (WIA) [Win32_Shared | On_Demand | Stopped] -> %System32%\svchost.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 7:56:58 AM | Attr = ]
(SwPrv) MS Software Shadow Copy Provider [Win32_Own | On_Demand | Stopped] -> %System32%\dllhost.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 5120 bytes | Modified Date = 8/4/2004 7:56:48 AM | Attr = ]
(SysmonLog) Performance Logs and Alerts [Win32_Own | On_Demand | Stopped] -> %System32%\smlogsvc.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 89600 bytes | Modified Date = 8/4/2004 7:56:56 AM | Attr = ]
(TapiSrv) Telephony [Win32_Shared | On_Demand | Stopped] -> %System32%\svchost.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 7:56:58 AM | Attr = ]
(TermService) Terminal Services [Win32_Shared | On_Demand | Running] -> %System32%\svchost.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 7:56:58 AM | Attr = ]
(Themes) Themes [Win32_Shared | Auto | Running] -> %System32%\svchost.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 7:56:58 AM | Attr = ]
(TrkWks) Distributed Link Tracking Client [Win32_Shared | Auto | Running] -> %System32%\svchost.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 7:56:58 AM | Attr = ]
(upnphost) Universal Plug and Play Device Host [Win32_Shared | On_Demand | Stopped] -> %System32%\svchost.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 7:56:58 AM | Attr = ]
(UPS) Uninterruptible Power Supply [Win32_Own | On_Demand | Stopped] -> %System32%\ups.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 18432 bytes | Modified Date = 8/4/2004 7:56:58 AM | Attr = ]
(usprserv) User Privilege Service [Win32_Own | On_Demand | Stopped] -> %System32%\svchost.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 7:56:58 AM | Attr = ]
(vsmon) TrueVector Internet Monitor [Win32_Own | Auto | Running] -> %System32%\ZoneLabs\vsmon.exe -> Zone Labs, LLC [Ver = 6.0.631.002 | Size = 1672976 bytes | Modified Date = 7/17/2005 11:20:28 PM | Attr = ]
(VSS) Volume Shadow Copy [Win32_Own | On_Demand | Stopped] -> %System32%\vssvc.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 289792 bytes | Modified Date = 8/4/2004 7:56:58 AM | Attr = ]
(W32Time) Windows Time [Win32_Shared | Auto | Running] -> %System32%\svchost.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 7:56:58 AM | Attr = ]
(WebClient) WebClient [Win32_Shared | Auto | Running] -> %System32%\svchost.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 7:56:58 AM | Attr = ]
(winmgmt) Windows Management Instrumentation [Win32_Shared | Auto | Running] -> %System32%\svchost.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 7:56:58 AM | Attr = ]
(WmdmPmSN) Portable Media Serial Number Service [Win32_Shared | On_Demand | Stopped] -> %System32%\svchost.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 7:56:58 AM | Attr = ]
(WmiApSrv) WMI Performance Adapter [Win32_Own | On_Demand | Stopped] -> %System32%\wbem\wmiapsrv.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 126464 bytes | Modified Date = 8/4/2004 7:56:58 AM | Attr = ]
(WMPNetworkSvc) Windows Media Player Network Sharing Service [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\Windows Media Player\wmpnetwk.exe -> Microsoft Corporation [Ver = 11.0.5721.5145 (WMP_11.061018-2006) | Size = 913408 bytes | Modified Date = 10/18/2006 8:05:24 PM | Attr = ]
(wscsvc) Security Center [Win32_Shared | Auto | Running] -> %System32%\svchost.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 7:56:58 AM | Attr = ]
(wuauserv) Automatic Updates [Win32_Shared | Auto | Running] -> %System32%\svchost.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 7:56:58 AM | Attr = ]
(WudfSvc) Windows Driver Foundation - User-mode Driver Framework [Win32_Shared | On_Demand | Stopped] -> %System32%\svchost.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 7:56:58 AM | Attr = ]
(WZCSVC) Wireless Zero Configuration [Win32_Shared | Auto | Running] -> %System32%\svchost.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 7:56:58 AM | Attr = ]
(xmlprov) Network Provisioning Service [Win32_Shared | On_Demand | Stopped] -> %System32%\svchost.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 7:56:58 AM | Attr = ]

[Registry - Non-Microsoft Only]
< Run [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
-> -> File not found
!AVG Anti-Spyware -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\avgas.exe -> Anti-Malware Development a.s. [Ver = 7, 5, 0, 50 | Size = 6266880 bytes | Modified Date = 10/7/2006 12:20:00 PM | Attr = ]
C-Media Mixer -> %SystemRoot%\mixer.exe -> C-Media Electronic Inc. (www.cmedia.com.tw) [Ver = 1.55 | Size = 1581056 bytes | Modified Date = 7/12/2002 4:33:12 PM | Attr = ]
DAEMON Tools -> %ProgramFiles%\DAEMON Tools\daemon.exe -> DT Soft Ltd. [Ver = 4.08.0.0 | Size = 157592 bytes | Modified Date = 11/12/2006 10:48:48 AM | Attr = ]
JOYTECH USB Neo S Controller -> %ProgramFiles%\JoyTechEurope\JOYTECHUSBNeoSController\JoytechNeoSTrayIcon.exe -> JOYTECH Europe Ltd. All rights reserved. [Ver = 2.01.0000 | Size = 233472 bytes | Modified Date = 6/3/2005 8:47:42 PM | Attr = ]
kav -> %ProgramFiles%\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe -> Kaspersky Lab [Ver = 6.0.0.299 | Size = 139367 bytes | Modified Date = 3/24/2006 7:09:22 PM | Attr = ]
NeroFilterCheck -> %CommonProgramFiles%\Ahead\Lib\NeroCheck.exe -> Nero AG [Ver = 1, 0, 0, 5 | Size = 155648 bytes | Modified Date = 1/12/2006 3:40:44 PM | Attr = ]
NvCplDaemon -> %System32%\nvcpl.dll [RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup] -> NVIDIA Corporation [Ver = 6.14.10.5655 | Size = 2899968 bytes | Modified Date = 12/16/2001 5:55:04 PM | Attr = R ]
NvMediaCenter -> %System32%\nvmctray.dll [RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit] -> NVIDIA Corporation [Ver = 6.14.10.5655 | Size = 46080 bytes | Modified Date = 12/16/2001 5:55:04 PM | Attr = R ]
nwiz -> %System32%\nwiz.exe -> NVIDIA Corporation [Ver = 6.14.10.5655 | Size = 782336 bytes | Modified Date = 12/16/2001 5:55:10 PM | Attr = R ]
QuickTime Task -> %ProgramFiles%\QuickTime\qttask.exe -> Apple Computer, Inc. [Ver = 7.1.5a38 | Size = 282624 bytes | Modified Date = 12/19/2006 6:00:14 PM | Attr = ]
SunJavaUpdateSched -> %ProgramFiles%\Java\jre1.5.0_03\bin\jusched.exe -> Sun Microsystems, Inc. [Ver = 5.0.30.7 | Size = 36975 bytes | Modified Date = 4/13/2005 3:48:52 AM | Attr = ]
Zone Labs Client -> %ProgramFiles%\Zone Labs\ZoneAlarm\zlclient.exe -> Zone Labs, LLC [Ver = 6.0.631.002 | Size = 980752 bytes | Modified Date = 7/17/2005 11:21:16 PM | Attr = ]
< OptionalComponents [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\
IMAIL -> Installed = 1 ->
MAPI -> Installed = 1 ->
MSFS -> Installed = 1 ->
< Run [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} -> %CommonProgramFiles%\Ahead\Lib\NMBgMonitor.exe -> Nero AG [Ver = 1, 5, 3, 0 | Size = 139264 bytes | Modified Date = 11/16/2006 7:04:20 PM | Attr = ]
BitTorrent -> %ProgramFiles%\BitTorrent\bittorrent.exe -> File not found
< ShellExecuteHooks [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks
{57B86673-276A-48B2-BAE7-C6DBB3020EB8} [HKLM] -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll [AVG Anti-Spyware 7.5] -> Anti-Malware Development a.s. [Ver = 7, 5, 0, 47 | Size = 73728 bytes | Modified Date = 9/28/2006 2:13:28 PM | Attr = ]
< SecurityProviders [HKLM] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\\SecurityProviders
< Winlogon settings [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
*VMApplet* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet ->
Control_RunDLL -> -> File not found
< Winlogon settings [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
< Winlogon\Notify settings [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\
< Policy Settings [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{BDEADF00-C265-11D0-BCED-00A0C90AB50F} -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{6DFD7C5C-2451-11d3-A299-00C04F8EF6AF} -> 1073741857 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{0DF44EAA-FF21-4412-828E-260A8728E7F1} -> 32 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\dontdisplaylastusername -> 0 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticecaption -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticetext -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\shutdownwithoutlogon -> 1 ->
< Policy Settings [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 145 ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\DisableRegistryTools -> 0 ->
-> HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer not found. ->
< Desktop Components > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\
0 -> [Key] ->
0 -> FriendlyName = My Current Home Page ->
0 -> Source = About:Home ->
0 -> SubscribedURL = About:Home ->
< HOSTS File > -> C:\WINDOWS\System32\drivers\etc\Hosts
< Internet Explorer Settings > ->
HKLM: Default_Page_URL -> http://www.microsoft.com/isapi/redir.dll?p...&ar=msnhome ->
HKLM: Main\\Default_Search_URL -> http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch ->
HKLM: Local Page -> %SystemRoot%\system32\blank.htm ->
HKLM: Search Page -> http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch ->
HKLM: Start Page -> http://www.microsoft.com/isapi/redir.dll?p...ER}&ar=home ->
HKLM: CustomizeSearch -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm ->
HKLM: SearchAssistant -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm ->
HKCU: Local Page -> C:\WINDOWS\system32\blank.htm ->
HKCU: Search Page -> http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch ->
HKCU: Start Page -> http://www.yahoo.com/ ->
HKCU: ProxyEnable -> 0 ->
< Trusted Sites > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\
msn.com [ - ] -> ->
< BHO's > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
{02478D38-C3F9-4EFB-9B51-7695ECA05670} [HKLM] -> %ProgramFiles%\Yahoo!\Companion\Installs\cpn\yt.dll [Yahoo! Toolbar Helper] -> Yahoo! Inc. [Ver = 2005, 11, 4, 1 | Size = 399352 bytes | Modified Date = 6/7/2006 10:09:22 AM | Attr = ]
{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} [HKLM] -> %ProgramFiles%\BitComet\tools\BitCometBHO.dll [BitComet Helper] -> BitComet [Ver = 20061213 | Size = 325184 bytes | Modified Date = 12/15/2006 8:05:08 AM | Attr = ]
< Internet Explorer Bars [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\
{32683183-48a0-441b-a342-7c2a440a9478} [HKLM] -> Reg Data - Key not found [Reg Data - Key not found] -> File not found
< Internet Explorer ToolBars [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar
{EF99BD32-C1FB-11D2-892F-0090271D4F88} [HKLM] -> %ProgramFiles%\Yahoo!\Companion\Installs\cpn\yt.dll [Yahoo! Toolbar] -> Yahoo! Inc. [Ver = 2005, 11, 4, 1 | Size = 399352 bytes | Modified Date = 6/7/2006 10:09:22 AM | Attr = ]
< Internet Explorer ToolBars [HKCU] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\
WebBrowser\\{EF99BD32-C1FB-11D2-892F-0090271D4F88} [HKLM] -> %ProgramFiles%\Yahoo!\Companion\Installs\cpn\yt.dll [Yahoo! Toolbar] -> Yahoo! Inc. [Ver = 2005, 11, 4, 1 | Size = 399352 bytes | Modified Date = 6/7/2006 10:09:22 AM | Attr = ]
< Internet Explorer CmdMapping [HKCU] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\CmdMapping
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} -> 8196 - Sun Java Console ->
{1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} -> 8197 - Reg Data - Value does not exist ->
{92780B25-18CC-41C8-B9BE-3C9C571A8263} -> 8194 - Reg Data - Value does not exist ->
{e2e2dd38-d088-4134-82b7-f2ba38496583} -> 8195 - @xpsp3res.dll,-20001 ->
{FB5F1910-F110-11d2-BB9E-00C04F795683} -> 8193 - Windows Messenger ->
NextId -> 8198 ->
< Internet Explorer Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKLM] -> %ProgramFiles%\Java\jre1.5.0_03\bin\npjpi150_03.dll [MenuText: Sun Java Console] -> Sun Microsystems, Inc. [Ver = 5.0.30.7 | Size = 69746 bytes | Modified Date = 4/13/2005 4:06:32 AM | Attr = ]
{1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} -> Reg Data - Value does not exist [ButtonText: Web Anti-Virus] -> File not found
{92780B25-18CC-41C8-B9BE-3C9C571A8263} -> Reg Data - Value does not exist [ButtonText: Research] -> File not found
{e2e2dd38-d088-4134-82b7-f2ba38496583} [HKLM] -> Reg Data - Key not found [MenuText: @xpsp3res.dll,-20001] -> File not found
{FB5F1910-F110-11d2-BB9E-00C04F795683} -> %ProgramFiles%\Messenger\msmsgs.exe [ButtonText: Messenger] -> File not found
< Approved Shell Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
{0DF44EAA-FF21-4412-828E-260A8728E7F1} [HKLM] -> Reg Data - Key not found [Taskbar and Start Menu] -> File not found
{1CDB2949-8F65-4355-8456-263E7C208A5D} [HKLM] -> %System32%\nvshell.dll [Desktop Explorer] -> NVIDIA Corporation [Ver = 6.14.10.5655 | Size = 454656 bytes | Modified Date = 12/16/2001 5:55:08 PM | Attr = R ]
{1E9B04FB-F9E5-4718-997B-B8DA88302A47} [HKLM] -> %System32%\nvshell.dll [Desktop Explorer Menu] -> NVIDIA Corporation [Ver = 6.14.10.5655 | Size = 454656 bytes | Modified Date = 12/16/2001 5:55:08 PM | Attr = R ]
{1E9B04FB-F9E5-4718-997B-B8DA88302A48} [HKLM] -> %System32%\nvshell.dll [nView Desktop Context Menu] -> NVIDIA Corporation [Ver = 6.14.10.5655 | Size = 454656 bytes | Modified Date = 12/16/2001 5:55:08 PM | Attr = R ]
{32683183-48a0-441b-a342-7c2a440a9478} [HKLM] -> Reg Data - Key not found [Media Band] -> File not found
{42071714-76d4-11d1-8b24-00a0c9068ff3} [HKLM] -> deskpan.dll [Display Panning CPL Extension] -> File not found
{764BF0E1-F219-11ce-972D-00AA00A14F56} [HKLM] -> Reg Data - Key not found [Shell extensions for file compression] -> File not found
{7A9D77BD-5403-11d2-8785-2E0420524153} [HKLM] -> Reg Data - Key not found [User Accounts] -> File not found
{853FE2B1-B769-11d0-9C4E-00C04FB6C6FA} [HKLM] -> Reg Data - Key not found [Encryption Context Menu] -> File not found
{85E0B171-04FA-11D1-B7DA-00A0C90348D6} [HKLM] -> %ProgramFiles%\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scieplugin.dll [Web Anti-Virus] -> Kaspersky Lab [Ver = 6.0.0.299 | Size = 184430 bytes | Modified Date = 3/24/2006 7:07:44 PM | Attr = ]
{88895560-9AA2-1069-930E-00AA0030EBC8} [HKLM] -> %System32%\hticons.dll [HyperTerminal Icon Ext] -> Hilgraeve, Inc. [Ver = 5.1.2600.0 | Size = 44544 bytes | Modified Date = 8/18/2001 12:00:00 PM | Attr = ]
{A70C977A-BF00-412C-90B7-034C51DA2439} [HKLM] -> %System32%\nvcpl.dll [NvCpl DesktopContext Class] -> NVIDIA Corporation [Ver = 6.14.10.5655 | Size = 2899968 bytes | Modified Date = 12/16/2001 5:55:04 PM | Attr = R ]
{B41DB860-8EE4-11D2-9906-E49FADC173CA} [HKLM] -> %ProgramFiles%\WinRAR\RarExt.dll [WinRAR shell extension] -> [Ver = | Size = 126464 bytes | Modified Date = 12/3/2006 2:53:06 PM | Attr = ]
{FFB699E0-306A-11d3-8BD1-00104B6F7516} [HKLM] -> %System32%\nvcpl.dll [Play on my TV helper] -> NVIDIA Corporation [Ver = 6.14.10.5655 | Size = 2899968 bytes | Modified Date = 12/16/2001 5:55:04 PM | Attr = R ]
< ContextMenuHandlers - * [HKLM] > -> HKEY_LOCAL_MACHINE\Software\Classes\*\shellex\ContextMenuHandlers\
{EB4D3CFE-E2AA-4C6E-B2FE-2A749F95D208} [HKLM] -> %ProgramFiles%\Nero\Nero 7\Nero BackItUp\NBShell.dll [NBShellHook Class] -> Nero AG [Ver = 2, 7, 2, 0 | Size = 73728 bytes | Modified Date = 11/10/2006 7:18:26 PM | Attr = ]
{8934FCEF-F5B8-468f-951F-78A921CD3920} [HKLM] -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\context.dll [AVG Anti-Spyware] -> Anti-Malware Development a.s. [Ver = 7, 5, 0, 49 | Size = 98304 bytes | Modified Date = 10/6/2006 11:40:48 AM | Attr = ]
{dd230880-495a-11d1-b064-008048ec2fc5} [HKLM] -> %ProgramFiles%\Kaspersky Lab\Kaspersky Anti-Virus 6.0\shellex.dll [Kaspersky Anti-Virus] -> Kaspersky Lab [Ver = 6.0.0.299 | Size = 41067 bytes | Modified Date = 3/24/2006 7:08:16 PM | Attr = ]
{B41DB860-8EE4-11D2-9906-E49FADC173CA} [HKLM] -> %ProgramFiles%\WinRAR\RarExt.dll [WinRAR] -> [Ver = | Size = 126464 bytes | Modified Date = 12/3/2006 2:53:06 PM | Attr = ]
< ContextMenuHandlers - Directory [HKLM] > -> HKEY_LOCAL_MACHINE\Software\Classes\Directory\shellex\ContextMenuHandlers\
{8934FCEF-F5B8-468f-951F-78A921CD3920} [HKLM] -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\context.dll [AVG Anti-Spyware] -> Anti-Malware Development a.s. [Ver = 7, 5, 0, 49 | Size = 98304 bytes | Modified Date = 10/6/2006 11:40:48 AM | Attr = ]
{B41DB860-8EE4-11D2-9906-E49FADC173CA} [HKLM] -> %ProgramFiles%\WinRAR\RarExt.dll [WinRAR] -> [Ver = | Size = 126464 bytes | Modified Date = 12/3/2006 2:53:06 PM | Attr = ]
< ContextMenuHandlers - Directory\Background [HKLM] > -> HKEY_LOCAL_MACHINE\Software\Classes\Directory\Background\shellex\ContextMenuHandlers\
{1E9B04FB-F9E5-4718-997B-B8DA88302A48} [HKLM] -> %System32%\nvshell.dll [00nView] -> NVIDIA Corporation [Ver = 6.14.10.5655 | Size = 454656 bytes | Modified Date = 12/16/2001 5:55:08 PM | Attr = R ]
{A70C977A-BF00-412C-90B7-034C51DA2439} [HKLM] -> %System32%\nvcpl.dll [NvCplDesktopContext] -> NVIDIA Corporation [Ver = 6.14.10.5655 | Size = 2899968 bytes | Modified Date = 12/16/2001 5:55:04 PM | Attr = R ]
< ContextMenuHandlers - Folder [HKLM] > -> HKEY_LOCAL_MACHINE\Software\Classes\Folder\shellex\ContextMenuHandlers\
{EB4D3CFE-E2AA-4C6E-B2FE-2A749F95D208} [HKLM] -> %ProgramFiles%\Nero\Nero 7\Nero BackItUp\NBShell.dll [NBShellHook Class] -> Nero AG [Ver = 2, 7, 2, 0 | Size = 73728 bytes | Modified Date = 11/10/2006 7:18:26 PM | Attr = ]
{dd230880-495a-11d1-b064-008048ec2fc5} [HKLM] -> %ProgramFiles%\Kaspersky Lab\Kaspersky Anti-Virus 6.0\shellex.dll [Kaspersky Anti-Virus] -> Kaspersky Lab [Ver = 6.0.0.299 | Size = 41067 bytes | Modified Date = 3/24/2006 7:08:16 PM | Attr = ]
{B41DB860-8EE4-11D2-9906-E49FADC173CA} [HKLM] -> %ProgramFiles%\WinRAR\RarExt.dll [WinRAR] -> [Ver = | Size = 126464 bytes | Modified Date = 12/3/2006 2:53:06 PM | Attr = ]
< User Agent Post Platform [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform
SV1 -> ->
< DNS Name Servers [HKLM] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\
{66EFB68B-EC48-4563-AE1C-72B3B37F3105} -> (Realtek RTL8139 Family PCI Fast Ethernet NIC) ->
{DF8AC1FB-D03C-4860-A735-F70742F63ACB} -> (1394 Net Adapter) ->
< Protocol Handlers [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\
ipp -> Reg Data - Key not found -> File not found
msdaipp -> Reg Data - Key not found -> File not found
< Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\
{02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} -> QuickTime Object - CodeBase = http://www.apple.com/qtactivex/qtplugin.cab ->
{166B1BCA-3F9C-11CF-8075-444553540000} -> Shockwave ActiveX Control - CodeBase = http://download.macromedia.com/pub/shockwa...director/sw.cab ->
{33564D57-9980-0010-8000-00AA00389B71} -> - CodeBase = http://download.microsoft.com/download/D/0...D0C/wmv9dmo.cab ->
{4F1E5B1A-2A80-42CA-8532-2D05CB959537} -> MSN Photo Upload Tool - CodeBase = http://by106fd.bay106.hotmail.msn.com/resources/MsnPUpld.cab ->
{6414512B-B978-451D-A0D8-FCFDF33E833C} -> WUWebControl Class - CodeBase = http://update.microsoft.com/windowsupdate/...b?1166548926780 ->
{6E32070A-766D-4EE6-879C-DC1FA91D2FC3} -> MUWebControl Class - CodeBase = http://update.microsoft.com/microsoftupdat...b?1166549908092 ->
{8AD9C840-044E-11D1-B3E9-00805F499D93} -> Java Plug-in 1.5.0_03 - CodeBase = http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab ->
{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBA} -> Java Plug-in 1.5.0_03 - CodeBase = http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab ->
{CD995117-98E5-4169-9920-6C12D4C0B548} -> HGPlugin9USA Class - CodeBase = http://gamedownload.ijjimax.com/gamedownlo...GPlugin9USA.cab ->

Edited by tupat, 11 January 2007 - 08:12 AM.


#5 tupat

tupat
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:07:41 PM

Posted 11 January 2007 - 08:13 AM

[Files - Created Wihin 30 days]
AUTOEXEC.BAT -> %SystemDrive%\AUTOEXEC.BAT -> [Ver = | Size = 0 bytes | Created Date = 12/18/2006 2:40:28 PM | Attr = ]
boot.ini -> %SystemDrive%\boot.ini -> [Ver = | Size = 211 bytes | Created Date = 12/18/2006 2:23:49 PM | Attr = RHS]
CONFIG.SYS -> %SystemDrive%\CONFIG.SYS -> [Ver = | Size = 0 bytes | Created Date = 12/18/2006 2:40:28 PM | Attr = ]
HijackThis.exe -> %SystemDrive%\HijackThis.exe -> Soeperman Enterprises Ltd. [Ver = 1.99.0001 | Size = 218112 bytes | Created Date = 1/5/2007 7:16:31 PM | Attr = ]
IO.SYS -> %SystemDrive%\IO.SYS -> [Ver = | Size = 0 bytes | Created Date = 12/18/2006 2:40:28 PM | Attr = RHS]
MSDOS.SYS -> %SystemDrive%\MSDOS.SYS -> [Ver = | Size = 0 bytes | Created Date = 12/18/2006 2:40:28 PM | Attr = RHS]
bigfoot.bmp -> %CommonProgramFiles%\Services\bigfoot.bmp -> [Ver = | Size = 2702 bytes | Created Date = 12/18/2006 2:37:24 PM | Attr = ]
verisign.bmp -> %CommonProgramFiles%\Services\verisign.bmp -> [Ver = | Size = 2702 bytes | Created Date = 12/18/2006 2:37:24 PM | Attr = ]
whowhere.bmp -> %CommonProgramFiles%\Services\whowhere.bmp -> [Ver = | Size = 2702 bytes | Created Date = 12/18/2006 2:37:24 PM | Attr = ]
ROLLBACK.DB -> %CommonProgramFiles%\Ahead\Lib\ROLLBACK.DB -> [Ver = | Size = 387072 bytes | Created Date = 12/20/2006 12:45:31 PM | Attr = ]
NeroAti.dll -> %CommonProgramFiles%\Ahead\RemoteControl\NeroAti.dll -> Nero AG [Ver = 1, 5, 3, 0 | Size = 8704 bytes | Created Date = 12/20/2006 12:45:31 PM | Attr = ]
iscript.dll -> %CommonProgramFiles%\InstallShield\IScript\iscript.dll -> InstallShield Software Corporation [Ver = 6, 22, 100, 1444 | Size = 221184 bytes | Created Date = 12/18/2006 9:03:02 PM | Attr = ]
IEFILES5.INF -> %CommonProgramFiles%\Microsoft Shared\MSInfo\IEFILES5.INF -> [Ver = | Size = 617 bytes | Created Date = 12/18/2006 2:37:10 PM | Attr = ]
aleabanr.gif -> %CommonProgramFiles%\Microsoft Shared\Stationery\aleabanr.gif -> [Ver = | Size = 7830 bytes | Created Date = 12/18/2006 2:37:20 PM | Attr = ]
amaizrul.gif -> %CommonProgramFiles%\Microsoft Shared\Stationery\amaizrul.gif -> [Ver = | Size = 2184 bytes | Created Date = 12/18/2006 2:37:20 PM | Attr = ]
anabnr2.gif -> %CommonProgramFiles%\Microsoft Shared\Stationery\anabnr2.gif -> [Ver = | Size = 15492 bytes | Created Date = 12/18/2006 2:37:20 PM | Attr = ]
aswrule.gif -> %CommonProgramFiles%\Microsoft Shared\Stationery\aswrule.gif -> [Ver = | Size = 2086 bytes | Created Date = 12/18/2006 2:37:20 PM | Attr = ]
Blank Bkgrd.gif -> %CommonProgramFiles%\Microsoft Shared\Stationery\Blank Bkgrd.gif -> [Ver = | Size = 145 bytes | Created Date = 12/18/2006 2:37:20 PM | Attr = ]
Blank.htm -> %CommonProgramFiles%\Microsoft Shared\Stationery\Blank.htm -> [Ver = | Size = 412 bytes | Created Date = 12/18/2006 2:37:20 PM | Attr = ]
Btzhsepa.gif -> %CommonProgramFiles%\Microsoft Shared\Stationery\Btzhsepa.gif -> [Ver = | Size = 978 bytes | Created Date = 12/18/2006 2:37:20 PM | Attr = ]
citbannA.gif -> %CommonProgramFiles%\Microsoft Shared\Stationery\citbannA.gif -> [Ver = | Size = 11959 bytes | Created Date = 12/18/2006 2:37:20 PM | Attr = ]
Citrus Punch Bkgrd.gif -> %CommonProgramFiles%\Microsoft Shared\Stationery\Citrus Punch Bkgrd.gif -> [Ver = | Size = 2454 bytes | Created Date = 12/18/2006 2:37:20 PM | Attr = ]
Citrus Punch.htm -> %CommonProgramFiles%\Microsoft Shared\Stationery\Citrus Punch.htm -> [Ver = | Size = 403 bytes | Created Date = 12/18/2006 2:37:20 PM | Attr = ]
Clear Day Bkgrd.jpg -> %CommonProgramFiles%\Microsoft Shared\Stationery\Clear Day Bkgrd.jpg -> [Ver = | Size = 5675 bytes | Created Date = 12/18/2006 2:37:21 PM | Attr = ]
Clear Day.htm -> %CommonProgramFiles%\Microsoft Shared\Stationery\Clear Day.htm -> [Ver = | Size = 276 bytes | Created Date = 12/18/2006 2:37:20 PM | Attr = ]
fieruled.gif -> %CommonProgramFiles%\Microsoft Shared\Stationery\fieruled.gif -> [Ver = | Size = 1325 bytes | Created Date = 12/18/2006 2:37:21 PM | Attr = ]
Fiesta Bkgrd.jpg -> %CommonProgramFiles%\Microsoft Shared\Stationery\Fiesta Bkgrd.jpg -> [Ver = | Size = 5048 bytes | Created Date = 12/18/2006 2:37:21 PM | Attr = ]
Fiesta.htm -> %CommonProgramFiles%\Microsoft Shared\Stationery\Fiesta.htm -> [Ver = | Size = 319 bytes | Created Date = 12/18/2006 2:37:21 PM | Attr = ]
Glacier Bkgrd.jpg -> %CommonProgramFiles%\Microsoft Shared\Stationery\Glacier Bkgrd.jpg -> [Ver = | Size = 2743 bytes | Created Date = 12/18/2006 2:37:21 PM | Attr = ]
Glacier.htm -> %CommonProgramFiles%\Microsoft Shared\Stationery\Glacier.htm -> [Ver = | Size = 272 bytes | Created Date = 12/18/2006 2:37:21 PM | Attr = ]
Ivy.gif -> %CommonProgramFiles%\Microsoft Shared\Stationery\Ivy.gif -> [Ver = | Size = 5665 bytes | Created Date = 12/18/2006 2:37:21 PM | Attr = ]
Ivy.htm -> %CommonProgramFiles%\Microsoft Shared\Stationery\Ivy.htm -> [Ver = | Size = 367 bytes | Created Date = 12/18/2006 2:37:21 PM | Attr = ]
Leaves Bkgrd.jpg -> %CommonProgramFiles%\Microsoft Shared\Stationery\Leaves Bkgrd.jpg -> [Ver = | Size = 4389 bytes | Created Date = 12/18/2006 2:37:21 PM | Attr = ]
Leaves.htm -> %CommonProgramFiles%\Microsoft Shared\Stationery\Leaves.htm -> [Ver = | Size = 368 bytes | Created Date = 12/18/2006 2:37:21 PM | Attr = ]
Maize Bkgrd.jpg -> %CommonProgramFiles%\Microsoft Shared\Stationery\Maize Bkgrd.jpg -> [Ver = | Size = 11748 bytes | Created Date = 12/18/2006 2:37:21 PM | Attr = ]
Maize.htm -> %CommonProgramFiles%\Microsoft Shared\Stationery\Maize.htm -> [Ver = | Size = 366 bytes | Created Date = 12/18/2006 2:37:21 PM | Attr = ]
Nature Bkgrd.jpg -> %CommonProgramFiles%\Microsoft Shared\Stationery\Nature Bkgrd.jpg -> [Ver = | Size = 3781 bytes | Created Date = 12/18/2006 2:37:21 PM | Attr = ]
Nature.htm -> %CommonProgramFiles%\Microsoft Shared\Stationery\Nature.htm -> [Ver = | Size = 398 bytes | Created Date = 12/18/2006 2:37:21 PM | Attr = ]
Network Blitz Bkgrd.gif -> %CommonProgramFiles%\Microsoft Shared\Stationery\Network Blitz Bkgrd.gif -> [Ver = | Size = 5314 bytes | Created Date = 12/18/2006 2:37:21 PM | Attr = ]
Network Blitz.htm -> %CommonProgramFiles%\Microsoft Shared\Stationery\Network Blitz.htm -> [Ver = | Size = 407 bytes | Created Date = 12/18/2006 2:37:21 PM | Attr = ]
Pie Charts Bkgrd.jpg -> %CommonProgramFiles%\Microsoft Shared\Stationery\Pie Charts Bkgrd.jpg -> [Ver = | Size = 2371 bytes | Created Date = 12/18/2006 2:37:22 PM | Attr = ]
Pie Charts.htm -> %CommonProgramFiles%\Microsoft Shared\Stationery\Pie Charts.htm -> [Ver = | Size = 290 bytes | Created Date = 12/18/2006 2:37:22 PM | Attr = ]
sunbannA.gif -> %CommonProgramFiles%\Microsoft Shared\Stationery\sunbannA.gif -> [Ver = | Size = 9749 bytes | Created Date = 12/18/2006 2:37:22 PM | Attr = ]
Sunflower Bkgrd.jpg -> %CommonProgramFiles%\Microsoft Shared\Stationery\Sunflower Bkgrd.jpg -> [Ver = | Size = 17147 bytes | Created Date = 12/18/2006 2:37:22 PM | Attr = ]
Sunflower.htm -> %CommonProgramFiles%\Microsoft Shared\Stationery\Sunflower.htm -> [Ver = | Size = 402 bytes | Created Date = 12/18/2006 2:37:22 PM | Attr = ]
Sweets Bkgrd.gif -> %CommonProgramFiles%\Microsoft Shared\Stationery\Sweets Bkgrd.gif -> [Ver = | Size = 917 bytes | Created Date = 12/18/2006 2:37:22 PM | Attr = ]
Sweets.htm -> %CommonProgramFiles%\Microsoft Shared\Stationery\Sweets.htm -> [Ver = | Size = 361 bytes | Created Date = 12/18/2006 2:37:22 PM | Attr = ]
tech.gif -> %CommonProgramFiles%\Microsoft Shared\Stationery\tech.gif -> [Ver = | Size = 862 bytes | Created Date = 12/18/2006 2:37:22 PM | Attr = ]
Technical.htm -> %CommonProgramFiles%\Microsoft Shared\Stationery\Technical.htm -> [Ver = | Size = 411 bytes | Created Date = 12/18/2006 2:37:22 PM | Attr = ]
adojavas.inc -> %CommonProgramFiles%\System\ado\adojavas.inc -> [Ver = | Size = 14610 bytes | Created Date = 12/18/2006 2:37:11 PM | Attr = ]
adovbs.inc -> %CommonProgramFiles%\System\ado\adovbs.inc -> [Ver = | Size = 14951 bytes | Created Date = 12/18/2006 2:37:11 PM | Attr = ]
MDACReadme.htm -> %CommonProgramFiles%\System\ado\MDACReadme.htm -> [Ver = | Size = 543 bytes | Created Date = 12/18/2006 2:37:11 PM | Attr = ]
adcjavas.inc -> %CommonProgramFiles%\System\msadc\adcjavas.inc -> [Ver = | Size = 629 bytes | Created Date = 12/18/2006 2:37:10 PM | Attr = ]
adcvbs.inc -> %CommonProgramFiles%\System\msadc\adcvbs.inc -> [Ver = | Size = 622 bytes | Created Date = 12/18/2006 2:37:10 PM | Attr = ]
handler.reg -> %CommonProgramFiles%\System\msadc\handler.reg -> [Ver = | Size = 518 bytes | Created Date = 12/18/2006 2:37:10 PM | Attr = ]
handsafe.reg -> %CommonProgramFiles%\System\msadc\handsafe.reg -> [Ver = | Size = 588 bytes | Created Date = 12/18/2006 2:37:10 PM | Attr = ]
handunsf.reg -> %CommonProgramFiles%\System\msadc\handunsf.reg -> [Ver = | Size = 573 bytes | Created Date = 12/18/2006 2:37:10 PM | Attr = ]
oledbjvs.inc -> %CommonProgramFiles%\System\Ole DB\oledbjvs.inc -> [Ver = | Size = 9804 bytes | Created Date = 12/18/2006 2:37:13 PM | Attr = ]
oledbvbs.inc -> %CommonProgramFiles%\System\Ole DB\oledbvbs.inc -> [Ver = | Size = 9975 bytes | Created Date = 12/18/2006 2:37:13 PM | Attr = ]
sqlsoldb.chm -> %CommonProgramFiles%\System\Ole DB\sqlsoldb.chm -> [Ver = | Size = 35631 bytes | Created Date = 12/18/2006 2:37:14 PM | Attr = ]
1033.mst -> %CommonProgramFiles%\Ahead\NTP\Nero 7\1033.mst -> [Ver = | Size = 23552 bytes | Created Date = 12/20/2006 12:46:51 PM | Attr = ]
iKernel.rgs -> %CommonProgramFiles%\InstallShield\Professional\RunTime\iKernel.rgs -> [Ver = | Size = 25830 bytes | Created Date = 1/5/2007 7:33:37 PM | Attr = ]
IsProBE.tlb -> %CommonProgramFiles%\InstallShield\Professional\RunTime\IsProBE.tlb -> [Ver = | Size = 85240 bytes | Created Date = 1/5/2007 7:33:37 PM | Attr = ]
Objectps.dll -> %CommonProgramFiles%\InstallShield\Professional\RunTime\Objectps.dll -> InstallShield Software Corporation [Ver = 7, 01, 100, 1261 | Size = 32768 bytes | Created Date = 1/5/2007 7:33:37 PM | Attr = ]
corecomp.ini -> %CommonProgramFiles%\InstallShield\Engine\6\Intel 32\corecomp.ini -> [Ver = | Size = 28529 bytes | Created Date = 12/18/2006 9:03:02 PM | Attr = ]
ctor.dll -> %CommonProgramFiles%\InstallShield\Engine\6\Intel 32\ctor.dll -> InstallShield Software Corporation [Ver = 6, 22, 100, 1438 | Size = 77824 bytes | Created Date = 12/18/2006 9:03:02 PM | Attr = ]
IKernel.exe -> %CommonProgramFiles%\InstallShield\Engine\6\Intel 32\IKernel.exe -> InstallShield Software Corporation [Ver = 6, 22, 100, 1511 | Size = 602244 bytes | Created Date = 12/18/2006 9:03:00 PM | Attr = ]
iuser.dll -> %CommonProgramFiles%\InstallShield\Engine\6\Intel 32\iuser.dll -> InstallShield Software Corporation [Ver = 6, 22, 100, 1473 | Size = 221184 bytes | Created Date = 12/18/2006 9:03:02 PM | Attr = ]
objectps.dll -> %CommonProgramFiles%\InstallShield\Engine\6\Intel 32\objectps.dll -> InstallShield Software Corporation [Ver = 6, 22, 100, 1419 | Size = 32768 bytes | Created Date = 12/18/2006 9:03:02 PM | Attr = ]
ltts1033.lxa -> %CommonProgramFiles%\SpeechEngines\Microsoft\Lexicon\1033\ltts1033.lxa -> [Ver = | Size = 643717 bytes | Created Date = 12/18/2006 2:25:49 PM | Attr = ]
r1033tts.lxa -> %CommonProgramFiles%\SpeechEngines\Microsoft\Lexicon\1033\r1033tts.lxa -> [Ver = | Size = 605050 bytes | Created Date = 12/18/2006 2:25:50 PM | Attr = ]
sam.sdf -> %CommonProgramFiles%\SpeechEngines\Microsoft\TTS\1033\sam.sdf -> [Ver = | Size = 888 bytes | Created Date = 12/18/2006 2:25:50 PM | Attr = ]
sam.spd -> %CommonProgramFiles%\SpeechEngines\Microsoft\TTS\1033\sam.spd -> [Ver = | Size = 1685606 bytes | Created Date = 12/18/2006 2:25:50 PM | Attr = ]
ctor.dll -> %CommonProgramFiles%\InstallShield\Professional\RunTime\0701\Intel32\ctor.dll -> InstallShield Software Corporation [Ver = 7, 01, 100, 1235 | Size = 57344 bytes | Created Date = 1/5/2007 7:33:36 PM | Attr = ]
DotNetInstaller.exe -> %CommonProgramFiles%\InstallShield\Professional\RunTime\0701\Intel32\DotNetInstaller.exe -> InstallShield Software Corporation [Ver = 7.0.100.1032 | Size = 5632 bytes | Created Date = 1/5/2007 7:33:36 PM | Attr = ]
iGdi.dll -> %CommonProgramFiles%\InstallShield\Professional\RunTime\0701\Intel32\iGdi.dll -> InstallShield Software Corporation [Ver = 7, 01, 100, 1234 | Size = 163972 bytes | Created Date = 1/5/2007 7:33:35 PM | Attr = ]
iKernel.dll -> %CommonProgramFiles%\InstallShield\Professional\RunTime\0701\Intel32\iKernel.dll -> InstallShield Software Corporation [Ver = 7, 01, 100, 1242 | Size = 696320 bytes | Created Date = 1/5/2007 7:33:36 PM | Attr = ]
iscript.dll -> %CommonProgramFiles%\InstallShield\Professional\RunTime\0701\Intel32\iscript.dll -> InstallShield Software Corporation [Ver = 7, 01, 100, 1235 | Size = 237568 bytes | Created Date = 1/5/2007 7:33:36 PM | Attr = ]
iuser.dll -> %CommonProgramFiles%\InstallShield\Professional\RunTime\0701\Intel32\iuser.dll -> InstallShield Software Corporation [Ver = 7, 01, 100, 1236 | Size = 155648 bytes | Created Date = 1/5/2007 7:33:36 PM | Attr = ]
setup.dll -> %CommonProgramFiles%\InstallShield\Professional\RunTime\0701\Intel32\setup.dll -> InstallShield Software Corporation [Ver = 7, 01, 100, 1248 | Size = 282756 bytes | Created Date = 1/5/2007 7:33:35 PM | Attr = ]
Blue Lace 16.bmp -> %SystemRoot%\Blue Lace 16.bmp -> [Ver = | Size = 1272 bytes | Created Date = 12/18/2006 2:35:24 PM | Attr = ]
bootstat.dat -> %SystemRoot%\bootstat.dat -> [Ver = | Size = 2048 bytes | Created Date = 12/18/2006 2:42:54 PM | Attr = S]
cmaudio.dat -> %SystemRoot%\cmaudio.dat -> [Ver = | Size = 20333 bytes | Created Date = 1/5/2007 5:24:07 PM | Attr = ]
cmaudio.ini -> %SystemRoot%\cmaudio.ini -> [Ver = | Size = 20333 bytes | Created Date = 1/5/2007 5:24:07 PM | Attr = ]
cmijack.dat -> %SystemRoot%\cmijack.dat -> [Ver = | Size = 36924 bytes | Created Date = 1/5/2007 5:24:07 PM | Attr = ]
cmuninst.dat -> %SystemRoot%\cmuninst.dat -> C-Media Electronics Inc. [Ver = 1, 0, 0, 7 | Size = 135168 bytes | Created Date = 12/18/2006 2:53:45 PM | Attr = ]
cmuninst.exe -> %SystemRoot%\cmuninst.exe -> C-Media Electronics Inc. [Ver = 1, 0, 0, 7 | Size = 139264 bytes | Created Date = 12/18/2006 2:53:45 PM | Attr = ]
Coffee Bean.bmp -> %SystemRoot%\Coffee Bean.bmp -> [Ver = | Size = 17062 bytes | Created Date = 12/18/2006 2:35:25 PM | Attr = ]
control.ini -> %SystemRoot%\control.ini -> [Ver = | Size = 0 bytes | Created Date = 12/18/2006 2:40:28 PM | Attr = ]
desktop.ini -> %SystemRoot%\desktop.ini -> [Ver = | Size = 2 bytes | Created Date = 12/18/2006 2:37:38 PM | Attr = ]
FeatherTexture.bmp -> %SystemRoot%\FeatherTexture.bmp -> [Ver = | Size = 16730 bytes | Created Date = 12/18/2006 2:35:25 PM | Attr = ]
Gone Fishing.bmp -> %SystemRoot%\Gone Fishing.bmp -> [Ver = | Size = 17336 bytes | Created Date = 12/18/2006 2:35:25 PM | Attr = ]
Greenstone.bmp -> %SystemRoot%\Greenstone.bmp -> [Ver = | Size = 26582 bytes | Created Date = 12/18/2006 2:35:25 PM | Attr = ]
GunzLauncher.INI -> %SystemRoot%\GunzLauncher.INI -> [Ver = | Size = 50 bytes | Created Date = 12/18/2006 10:54:47 PM | Attr = ]
imsins.BAK -> %SystemRoot%\imsins.BAK -> [Ver = | Size = 1355 bytes | Created Date = 12/18/2006 2:25:57 PM | Attr = ]
iun6002.exe -> %SystemRoot%\iun6002.exe -> Indigo Rose Corporation [Ver = 6.0.1.4 | Size = 737280 bytes | Created Date = 12/19/2006 1:04:48 PM | Attr = ]
mixer.exe -> %SystemRoot%\mixer.exe -> C-Media Electronic Inc. (www.cmedia.com.tw) [Ver = 1.55 | Size = 1581056 bytes | Created Date = 12/18/2006 2:53:44 PM | Attr = ]
mixerdef.ini -> %SystemRoot%\mixerdef.ini -> [Ver = | Size = 25 bytes | Created Date = 12/18/2006 3:01:53 PM | Attr = ]
NeroDigital.ini -> %SystemRoot%\NeroDigital.ini -> [Ver = | Size = 69 bytes | Created Date = 12/23/2006 12:48:27 PM | Attr = ]
nsreg.dat -> %SystemRoot%\nsreg.dat -> [Ver = | Size = 0 bytes | Created Date = 1/1/2007 12:00:32 AM | Attr = ]
ODBC.INI -> %SystemRoot%\ODBC.INI -> [Ver = | Size = 376 bytes | Created Date = 1/3/2007 1:16:30 PM | Attr = ]
ODBCINST.INI -> %SystemRoot%\ODBCINST.INI -> [Ver = | Size = 4161 bytes | Created Date = 12/18/2006 2:25:52 PM | Attr = ]
Prairie Wind.bmp -> %SystemRoot%\Prairie Wind.bmp -> [Ver = | Size = 65954 bytes | Created Date = 12/18/2006 2:35:25 PM | Attr = ]
REGLOCS.OLD -> %SystemRoot%\REGLOCS.OLD -> [Ver = | Size = 8192 bytes | Created Date = 12/18/2006 2:43:51 PM | Attr = ]
Rhododendron.bmp -> %SystemRoot%\Rhododendron.bmp -> [Ver = | Size = 17362 bytes | Created Date = 12/18/2006 2:35:25 PM | Attr = ]
River Sumida.bmp -> %SystemRoot%\River Sumida.bmp -> [Ver = | Size = 26680 bytes | Created Date = 12/18/2006 2:35:25 PM | Attr = ]
Santa Fe Stucco.bmp -> %SystemRoot%\Santa Fe Stucco.bmp -> [Ver = | Size = 65832 bytes | Created Date = 12/18/2006 2:35:25 PM | Attr = ]
SET3.tmp -> %SystemRoot%\SET3.tmp -> [Ver = | Size = 1085913 bytes | Created Date = 12/18/2006 2:25:14 PM | Attr = R ]
SET7.tmp -> %SystemRoot%\SET7.tmp -> [Ver = | Size = 13608 bytes | Created Date = 12/18/2006 2:25:17 PM | Attr = R ]
setupapi.log.0.old -> %SystemRoot%\setupapi.log.0.old -> [Ver = | Size = 1036862 bytes | Created Date = 12/18/2006 2:25:02 PM | Attr = ]
SetupExt.001 -> %SystemRoot%\SetupExt.001 -> [Ver = | Size = 7485 bytes | Created Date = 12/18/2006 3:02:44 PM | Attr = ]
SETUPX32.EXE -> %SystemRoot%\SETUPX32.EXE -> UC-Logic Technology Corp. [Ver = 1.00 | Size = 217088 bytes | Created Date = 12/18/2006 3:02:44 PM | Attr = ]
Soap Bubbles.bmp -> %SystemRoot%\Soap Bubbles.bmp -> [Ver = | Size = 65978 bytes | Created Date = 12/18/2006 2:35:25 PM | Attr = ]
tlknw1.ini -> %SystemRoot%\tlknw1.ini -> [Ver = | Size = 51 bytes | Created Date = 1/6/2007 8:04:11 PM | Attr = ]
tlknw10.ini -> %SystemRoot%\tlknw10.ini -> [Ver = | Size = 51 bytes | Created Date = 1/6/2007 9:30:55 PM | Attr = ]
tlknw14.ini -> %SystemRoot%\tlknw14.ini -> [Ver = | Size = 51 bytes | Created Date = 1/6/2007 9:31:09 PM | Attr = ]
tlknw15.ini -> %SystemRoot%\tlknw15.ini -> [Ver = | Size = 48 bytes | Created Date = 1/6/2007 9:31:30 PM | Attr = ]
tlknw16.ini -> %SystemRoot%\tlknw16.ini -> [Ver = | Size = 49 bytes | Created Date = 1/6/2007 9:29:12 PM | Attr = ]
tlknw17.ini -> %SystemRoot%\tlknw17.ini -> [Ver = | Size = 48 bytes | Created Date = 1/6/2007 8:28:39 PM | Attr = ]
tlknw18.ini -> %SystemRoot%\tlknw18.ini -> [Ver = | Size = 610 bytes | Created Date = 1/6/2007 8:05:25 PM | Attr = ]
tlknw19.ini -> %SystemRoot%\tlknw19.ini -> [Ver = | Size = 608 bytes | Created Date = 1/6/2007 8:04:58 PM | Attr = ]
tlknw20.ini -> %SystemRoot%\tlknw20.ini -> [Ver = | Size = 629 bytes | Created Date = 1/6/2007 8:07:35 PM | Attr = ]
tlknw23.ini -> %SystemRoot%\tlknw23.ini -> [Ver = | Size = 614 bytes | Created Date = 1/6/2007 8:07:23 PM | Attr = ]
tlknw28.ini -> %SystemRoot%\tlknw28.ini -> [Ver = | Size = 49 bytes | Created Date = 1/6/2007 8:06:55 PM | Attr = ]
tlknw5.ini -> %SystemRoot%\tlknw5.ini -> [Ver = | Size = 51 bytes | Created Date = 1/6/2007 9:30:32 PM | Attr = ]
tlknw8.ini -> %SystemRoot%\tlknw8.ini -> [Ver = | Size = 50 bytes | Created Date = 1/6/2007 9:30:45 PM | Attr = ]
vb.ini -> %SystemRoot%\vb.ini -> [Ver = | Size = 36 bytes | Created Date = 12/18/2006 2:36:46 PM | Attr = ]
vbaddin.ini -> %SystemRoot%\vbaddin.ini -> [Ver = | Size = 37 bytes | Created Date = 12/18/2006 2:36:46 PM | Attr = ]
WindowsShell.Manifest -> %SystemRoot%\WindowsShell.Manifest -> [Ver = | Size = 749 bytes | Created Date = 12/18/2006 2:38:47 PM | Attr = RH ]
winnt.bmp -> %SystemRoot%\winnt.bmp -> [Ver = | Size = 48680 bytes | Created Date = 12/18/2006 2:37:39 PM | Attr = HS]
winnt256.bmp -> %SystemRoot%\winnt256.bmp -> [Ver = | Size = 48680 bytes | Created Date = 12/18/2006 2:37:39 PM | Attr = HS]
WMSysPr9.prx -> %SystemRoot%\WMSysPr9.prx -> [Ver = | Size = 316640 bytes | Created Date = 12/19/2006 6:36:40 PM | Attr = ]
WMSysPrx.prx -> %SystemRoot%\WMSysPrx.prx -> [Ver = | Size = 299552 bytes | Created Date = 12/18/2006 2:40:22 PM | Attr = ]
Zapotec.bmp -> %SystemRoot%\Zapotec.bmp -> [Ver = | Size = 9522 bytes | Created Date = 12/18/2006 2:35:25 PM | Attr = ]
$winnt$.inf -> %System32%\$winnt$.inf -> [Ver = | Size = 302 bytes | Created Date = 12/18/2006 2:23:46 PM | Attr = ]
a3d.dll -> %System32%\a3d.dll -> Sensaura Ltd [Ver = 4.12.01.2008a | Size = 712704 bytes | Created Date = 12/18/2006 2:53:44 PM | Attr = ]
amcompat.tlb -> %System32%\amcompat.tlb -> [Ver = | Size = 16832 bytes | Created Date = 12/18/2006 2:40:24 PM | Attr = ]
amstream.dll -> %System32%\amstream.dll -> [Ver = | Size = 70656 bytes | Created Date = 12/18/2006 9:04:06 PM | Attr = ]
Audio3D.dll -> %System32%\Audio3D.dll -> Sensaura Ltd [Ver = 4.12.01.2008a | Size = 712704 bytes | Created Date = 12/18/2006 2:53:44 PM | Attr = ]
AUTOEXEC.NT -> %System32%\AUTOEXEC.NT -> [Ver = | Size = 1688 bytes | Created Date = 12/18/2006 2:25:31 PM | Attr = ]
bopomofo.uce -> %System32%\bopomofo.uce -> [Ver = | Size = 22984 bytes | Created Date = 12/18/2006 2:35:23 PM | Attr = ]
cdplayer.exe.manifest -> %System32%\cdplayer.exe.manifest -> [Ver = | Size = 749 bytes | Created Date = 12/18/2006 2:38:47 PM | Attr = RH ]
Chip.dll -> %System32%\Chip.dll -> [Ver = | Size = 34308 bytes | Created Date = 12/19/2006 5:14:13 PM | Attr = ]
cmnprop.dll -> %System32%\cmnprop.dll -> C-Media Corporation [Ver = 5.00.2195.11 | Size = 32768 bytes | Created Date = 12/18/2006 2:53:44 PM | Attr = ]
CONFIG.NT -> %System32%\CONFIG.NT -> [Ver = | Size = 2577 bytes | Created Date = 12/18/2006 2:40:28 PM | Attr = ]
CONFIG.TMP -> %System32%\CONFIG.TMP -> [Ver = | Size = 2577 bytes | Created Date = 12/18/2006 2:25:31 PM | Attr = ]
c_10006.nls -> %System32%\c_10006.nls -> [Ver = | Size = 66082 bytes | Created Date = 12/18/2006 2:25:41 PM | Attr = ]
c_10007.nls -> %System32%\c_10007.nls -> [Ver = | Size = 66082 bytes | Created Date = 12/18/2006 2:25:43 PM | Attr = ]
c_10010.nls -> %System32%\c_10010.nls -> [Ver = | Size = 66082 bytes | Created Date = 12/18/2006 2:25:37 PM | Attr = ]
c_10017.nls -> %System32%\c_10017.nls -> [Ver = | Size = 66082 bytes | Created Date = 12/18/2006 2:25:43 PM | Attr = ]
c_10029.nls -> %System32%\c_10029.nls -> [Ver = | Size = 66082 bytes | Created Date = 12/18/2006 2:25:37 PM | Attr = ]
c_10081.nls -> %System32%\c_10081.nls -> [Ver = | Size = 66082 bytes | Created Date = 12/18/2006 2:25:45 PM | Attr = ]
c_10082.nls -> %System32%\c_10082.nls -> [Ver = | Size = 66082 bytes | Created Date = 12/18/2006 2:25:37 PM | Attr = ]
c_20127.nls -> %System32%\c_20127.nls -> [Ver = | Size = 66082 bytes | Created Date = 12/18/2006 2:25:36 PM | Attr = ]
C_28594.NLS -> %System32%\C_28594.NLS -> [Ver = | Size = 66082 bytes | Created Date = 12/18/2006 2:25:40 PM | Attr = ]
C_28595.NLS -> %System32%\C_28595.NLS -> [Ver = | Size = 66082 bytes | Created Date = 12/18/2006 2:25:43 PM | Attr = ]
C_28597.NLS -> %System32%\C_28597.NLS -> [Ver = | Size = 66082 bytes | Created Date = 12/18/2006 2:25:41 PM | Attr = ]
c_28599.nls -> %System32%\c_28599.nls -> [Ver = | Size = 66082 bytes | Created Date = 12/18/2006 2:25:46 PM | Attr = ]
c_737.nls -> %System32%\c_737.nls -> [Ver = | Size = 66594 bytes | Created Date = 12/18/2006 2:25:41 PM | Attr = ]
c_852.nls -> %System32%\c_852.nls -> [Ver = | Size = 66594 bytes | Created Date = 12/18/2006 2:25:37 PM | Attr = ]
c_855.nls -> %System32%\c_855.nls -> [Ver = | Size = 66594 bytes | Created Date = 12/18/2006 2:25:40 PM | Attr = ]
c_857.nls -> %System32%\c_857.nls -> [Ver = | Size = 66594 bytes | Created Date = 12/18/2006 2:25:45 PM | Attr = ]
c_866.nls -> %System32%\c_866.nls -> [Ver = | Size = 66594 bytes | Created Date = 12/18/2006 2:25:40 PM | Attr = ]
c_869.nls -> %System32%\c_869.nls -> [Ver = | Size = 66594 bytes | Created Date = 12/18/2006 2:25:41 PM | Attr = ]
c_875.nls -> %System32%\c_875.nls -> [Ver = | Size = 66082 bytes | Created Date = 12/18/2006 2:25:41 PM | Attr = ]
desktop.ini -> %System32%\desktop.ini -> [Ver = | Size = 2 bytes | Created Date = 12/18/2006 2:37:38 PM | Attr = ]
devenum.dll -> %System32%\devenum.dll -> [Ver = | Size = 59904 bytes | Created Date = 12/18/2006 9:04:06 PM | Attr = ]
dgrpsetu.dll -> %System32%\dgrpsetu.dll -> Digi International, Inc. [Ver = 2.3.7 | Size = 176157 bytes | Created Date = 12/18/2006 2:25:35 PM | Attr = ]
dgsetup.dll -> %System32%\dgsetup.dll -> Digi International [Ver = v3.7.3.0 | Size = 85020 bytes | Created Date = 12/18/2006 2:25:35 PM | Attr = ]
emptyregdb.dat -> %System32%\emptyregdb.dat -> [Ver = | Size = 21640 bytes | Created Date = 12/18/2006 2:37:00 PM | Attr = ]
EqnClass.Dll -> %System32%\EqnClass.Dll -> Equinox Systems Inc. [Ver = 5.0u(58) | Size = 103424 bytes | Created Date = 12/18/2006 2:25:34 PM | Attr = ]
FNTCACHE.DAT -> %System32%\FNTCACHE.DAT -> [Ver = | Size = 189000 bytes | Created Date = 12/18/2006 2:24:46 PM | Attr = ]
gb2312.uce -> %System32%\gb2312.uce -> [Ver = | Size = 24006 bytes | Created Date = 12/18/2006 2:35:23 PM | Attr = ]
hticons.dll -> %System32%\hticons.dll -> Hilgraeve, Inc. [Ver = 5.1.2600.0 | Size = 44544 bytes | Created Date = 12/18/2006 2:35:32 PM | Attr = ]
hypertrm.dll -> %System32%\hypertrm.dll -> Hilgraeve, Inc. [Ver = 5.1.2600.2563 | Size = 347136 bytes | Created Date = 12/18/2006 2:35:32 PM | Attr = ]
ideograf.uce -> %System32%\ideograf.uce -> [Ver = | Size = 60458 bytes | Created Date = 12/18/2006 2:35:24 PM | Attr = ]
isrdbg32.dll -> %System32%\isrdbg32.dll -> Intel Corporation [Ver = 0.0 | Size = 32768 bytes | Created Date = 12/18/2006 2:37:29 PM | Attr = ]
java.exe -> %System32%\java.exe -> Sun Microsystems, Inc. [Ver = 5.0.30.7 | Size = 49248 bytes | Created Date = 1/3/2007 9:42:30 PM | Attr = ]
javaw.exe -> %System32%\javaw.exe -> Sun Microsystems, Inc. [Ver = 5.0.30.7 | Size = 49250 bytes | Created Date = 1/3/2007 9:42:30 PM | Attr = ]
javaws.exe -> %System32%\javaws.exe -> Sun Microsystems, Inc. [Ver = 5.0.30.7 | Size = 127078 bytes | Created Date = 1/3/2007 9:42:30 PM | Attr = ]
jpicpl32.cpl -> %System32%\jpicpl32.cpl -> Sun Microsystems, Inc. [Ver = 5.0.30.7 | Size = 49265 bytes | Created Date = 1/3/2007 9:42:30 PM | Attr = ]
kanji_1.uce -> %System32%\kanji_1.uce -> [Ver = | Size = 6948 bytes | Created Date = 12/18/2006 2:35:24 PM | Attr = ]
kanji_2.uce -> %System32%\kanji_2.uce -> [Ver = | Size = 8484 bytes | Created Date = 12/18/2006 2:35:24 PM | Attr = ]
keystone.exe -> %System32%\keystone.exe -> NVIDIA Corporation [Ver = 6.14.10.5655 | Size = 315392 bytes | Created Date = 12/18/2006 9:03:16 PM | Attr = R ]
korean.uce -> %System32%\korean.uce -> [Ver = | Size = 12876 bytes | Created Date = 12/18/2006 2:35:24 PM | Attr = ]
l3codecx.ax -> %System32%\l3codecx.ax -> Fraunhofer Institut Integrierte Schaltungen IIS [Ver = 1, 5, 0, 50 | Size = 83456 bytes | Created Date = 12/18/2006 9:04:06 PM | Attr = ]
lfbmp13n.dll -> %System32%\lfbmp13n.dll -> LEAD Technologies, Inc. [Ver = 13.0.0.084 | Size = 57344 bytes | Created Date = 12/30/2006 1:15:21 AM | Attr = ]
lfcmp13n.dll -> %System32%\lfcmp13n.dll -> LEAD Technologies, Inc. [Ver = 13.0.0.084 | Size = 401408 bytes | Created Date = 12/30/2006 1:15:21 AM | Attr = ]
lfgif13n.dll -> %System32%\lfgif13n.dll -> LEAD Technologies, Inc. [Ver = 13.0.0.084 | Size = 69632 bytes | Created Date = 12/30/2006 1:15:23 AM | Attr = ]
libdivx.dll -> %System32%\libdivx.dll -> The OpenSSL Project, http://www.openssl.org/ [Ver = 0.9.8b | Size = 1044480 bytes | Created Date = 12/19/2006 11:20:31 PM | Attr = ]
logonui.exe.manifest -> %System32%\logonui.exe.manifest -> [Ver = | Size = 488 bytes | Created Date = 12/18/2006 2:38:55 PM | Attr = RH ]
ltdis13n.dll -> %System32%\ltdis13n.dll -> LEAD Technologies, Inc. [Ver = 13.0.0.084 | Size = 299008 bytes | Created Date = 12/30/2006 1:15:21 AM | Attr = ]
ltefx13n.dll -> %System32%\ltefx13n.dll -> LEAD Technologies, Inc. [Ver = 13.0.0.068 | Size = 206336 bytes | Created Date = 12/30/2006 1:15:21 AM | Attr = ]
ltfil13n.dll -> %System32%\ltfil13n.dll -> LEAD Technologies, Inc. [Ver = 13.0.0.084 | Size = 163840 bytes | Created Date = 12/30/2006 1:15:21 AM | Attr = ]
ltimg13n.dll -> %System32%\ltimg13n.dll -> LEAD Technologies, Inc. [Ver = 13.0.0.084 | Size = 450560 bytes | Created Date = 12/30/2006 1:15:21 AM | Attr = ]
ltkrn13n.dll -> %System32%\ltkrn13n.dll -> LEAD Technologies, Inc. [Ver = 13.0.0.084 | Size = 462848 bytes | Created Date = 12/30/2006 1:15:21 AM | Attr = ]
mciqtz32.dll -> %System32%\mciqtz32.dll -> [Ver = | Size = 35328 bytes | Created Date = 12/18/2006 9:04:06 PM | Attr = ]
mpeg2data.ax -> %System32%\mpeg2data.ax -> [Ver = | Size = 118272 bytes | Created Date = 12/18/2006 9:04:08 PM | Attr = ]
mpg2splt.ax -> %System32%\mpg2splt.ax -> [Ver = | Size = 148992 bytes | Created Date = 12/18/2006 9:04:06 PM | Attr = ]
msdmo.dll -> %System32%\msdmo.dll -> [Ver = | Size = 14336 bytes | Created Date = 12/18/2006 9:04:06 PM | Attr = ]
msdtcprf.h -> %System32%\msdtcprf.h -> [Ver = | Size = 768 bytes | Created Date = 12/18/2006 2:35:16 PM | Attr = ]
msdtcprf.ini -> %System32%\msdtcprf.ini -> [Ver = | Size = 1931 bytes | Created Date = 12/18/2006 2:35:16 PM | Attr = ]
msdvbnp.ax -> %System32%\msdvbnp.ax -> [Ver = | Size = 56832 bytes | Created Date = 12/18/2006 9:04:08 PM | Attr = ]
ncpa.cpl.manifest -> %System32%\ncpa.cpl.manifest -> [Ver = | Size = 749 bytes | Created Date = 12/18/2006 2:38:47 PM | Attr = RH ]
nppt9x.vxd -> %System32%\nppt9x.vxd -> [Ver = | Size = 5174 bytes | Created Date = 12/18/2006 10:55:43 PM | Attr = ]
npptNT2.sys -> %System32%\npptNT2.sys -> INCA Internet Co., Ltd. [Ver = 2005, 1, 5, 1 | Size = 4682 bytes | Created Date = 12/18/2006 10:55:43 PM | Attr = ]
nscompat.tlb -> %System32%\nscompat.tlb -> [Ver = | Size = 23392 bytes | Created Date = 12/18/2006 2:40:24 PM | Attr = ]
nv4_disp.dll -> %System32%\nv4_disp.dll -> NVIDIA Corporation [Ver = 6.14.10.5655 | Size = 4163968 bytes | Created Date = 12/18/2006 9:03:10 PM | Attr = R ]
nvappbar.exe -> %System32%\nvappbar.exe -> NVIDIA Corporation [Ver = 6.14.10.5655 | Size = 401408 bytes | Created Date = 12/18/2006 9:03:16 PM | Attr = R ]
nvapps.xml -> %System32%\nvapps.xml -> [Ver = | Size = 3862 bytes | Created Date = 12/18/2006 9:03:16 PM | Attr = R ]
nvcod.dll -> %System32%\nvcod.dll -> NVIDIA Corporation [Ver = 1 , 0 , 0 , 14 | Size = 31744 bytes | Created Date = 12/18/2006 9:03:10 PM | Attr = R ]
nvcodins.dll -> %System32%\nvcodins.dll -> NVIDIA Corporation [Ver = 1 , 0 , 0 , 14 | Size = 31744 bytes | Created Date = 12/18/2006 9:03:10 PM | Attr = R ]
nvcpl.dll -> %System32%\nvcpl.dll -> NVIDIA Corporation [Ver = 6.14.10.5655 | Size = 2899968 bytes | Created Date = 12/18/2006 9:03:13 PM | Attr = R ]
nvdisp.nvu -> %System32%\nvdisp.nvu -> [Ver = | Size = 11914 bytes | Created Date = 12/18/2006 9:03:15 PM | Attr = ]
nview.dll -> %System32%\nview.dll -> NVIDIA Corporation [Ver = 6.14.10.5655 | Size = 1331200 bytes | Created Date = 12/18/2006 9:03:16 PM | Attr = R ]
nvinstnt.dll -> %System32%\nvinstnt.dll -> NVIDIA Corporation [Ver = 6.14.10.5655 | Size = 131072 bytes | Created Date = 12/18/2006 9:03:10 PM | Attr = R ]
nvmctray.dll -> %System32%\nvmctray.dll -> NVIDIA Corporation [Ver = 6.14.10.5655 | Size = 46080 bytes | Created Date = 12/18/2006 9:03:14 PM | Attr = R ]
nvnt4cpl.dll -> %System32%\nvnt4cpl.dll -> NVIDIA Corporation [Ver = 6.14.10.5655 | Size = 241664 bytes | Created Date = 12/18/2006 9:03:15 PM | Attr = R ]
nvoglnt.dll -> %System32%\nvoglnt.dll -> NVIDIA Corporation [Ver = 6.14.10.5655 | Size = 4841472 bytes | Created Date = 12/18/2006 9:03:11 PM | Attr = R ]
nvrsar.dll -> %System32%\nvrsar.dll -> NVIDIA Corporation [Ver = 6.14.10.5655 | Size = 200704 bytes | Created Date = 12/18/2006 9:03:18 PM | Attr = R ]
nvrscs.dll -> %System32%\nvrscs.dll -> NVIDIA Corporation [Ver = 6.14.10.5655 | Size = 143360 bytes | Created Date = 12/18/2006 9:03:18 PM | Attr = R ]
nvrsda.dll -> %System32%\nvrsda.dll -> NVIDIA Corporation [Ver = 6.14.10.5655 | Size = 151552 bytes | Created Date = 12/18/2006 9:03:19 PM | Attr = R ]
nvrsde.dll -> %System32%\nvrsde.dll -> NVIDIA Corporation [Ver = 6.14.10.5655 | Size = 163840 bytes | Created Date = 12/18/2006 9:03:19 PM | Attr = R ]
nvrsel.dll -> %System32%\nvrsel.dll -> NVIDIA Corporation [Ver = 6.14.10.5655 | Size = 163840 bytes | Created Date = 12/18/2006 9:03:20 PM | Attr = R ]
nvrseng.dll -> %System32%\nvrseng.dll -> NVIDIA Corporation [Ver = 6.14.10.5655 | Size = 147456 bytes | Created Date = 12/18/2006 9:03:21 PM | Attr = R ]
nvrses.dll -> %System32%\nvrses.dll -> NVIDIA Corporation [Ver = 6.14.10.5655 | Size = 163840 bytes | Created Date = 12/18/2006 9:03:21 PM | Attr = R ]
nvrsesm.dll -> %System32%\nvrsesm.dll -> NVIDIA Corporation [Ver = 6.14.10.5655 | Size = 172032 bytes | Created Date = 12/18/2006 9:03:22 PM | Attr = R ]
nvrsfi.dll -> %System32%\nvrsfi.dll -> NVIDIA Corporation [Ver = 6.14.10.5655 | Size = 139264 bytes | Created Date = 12/18/2006 9:03:22 PM | Attr = R ]
nvrsfr.dll -> %System32%\nvrsfr.dll -> NVIDIA Corporation [Ver = 6.14.10.5655 | Size = 163840 bytes | Created Date = 12/18/2006 9:03:23 PM | Attr = R ]
nvrshe.dll -> %System32%\nvrshe.dll -> NVIDIA Corporation [Ver = 6.14.10.5655 | Size = 196608 bytes | Created Date = 12/18/2006 9:03:24 PM | Attr = R ]
nvrshu.dll -> %System32%\nvrshu.dll -> NVIDIA Corporation [Ver = 6.14.10.5655 | Size = 151552 bytes | Created Date = 12/18/2006 9:03:24 PM | Attr = R ]
nvrsit.dll -> %System32%\nvrsit.dll -> NVIDIA Corporation [Ver = 6.14.10.5655 | Size = 167936 bytes | Created Date = 12/18/2006 9:03:25 PM | Attr = R ]
nvrsja.dll -> %System32%\nvrsja.dll -> NVIDIA Corporation [Ver = 6.14.10.5655 | Size = 172032 bytes | Created Date = 12/18/2006 9:03:25 PM | Attr = R ]
nvrsko.dll -> %System32%\nvrsko.dll -> NVIDIA Corporation [Ver = 6.14.10.5655 | Size = 172032 bytes | Created Date = 12/18/2006 9:03:26 PM | Attr = R ]
nvrsnl.dll -> %System32%\nvrsnl.dll -> NVIDIA Corporation [Ver = 6.14.10.5655 | Size = 159744 bytes | Created Date = 12/18/2006 9:03:26 PM | Attr = R ]
nvrsno.dll -> %System32%\nvrsno.dll -> NVIDIA Corporation [Ver = 6.14.10.5655 | Size = 147456 bytes | Created Date = 12/18/2006 9:03:27 PM | Attr = R ]
nvrspl.dll -> %System32%\nvrspl.dll -> NVIDIA Corporation [Ver = 6.14.10.5655 | Size = 147456 bytes | Created Date = 12/18/2006 9:03:28 PM | Attr = R ]
nvrspt.dll -> %System32%\nvrspt.dll -> NVIDIA Corporation [Ver = 6.14.10.5655 | Size = 155648 bytes | Created Date = 12/18/2006 9:03:28 PM | Attr = R ]
nvrsptb.dll -> %System32%\nvrsptb.dll -> NVIDIA Corporation [Ver = 6.14.10.5655 | Size = 159744 bytes | Created Date = 12/18/2006 9:03:29 PM | Attr = R ]
nvrsru.dll -> %System32%\nvrsru.dll -> NVIDIA Corporation [Ver = 6.14.10.5655 | Size = 155648 bytes | Created Date = 12/18/2006 9:03:30 PM | Attr = R ]
nvrssk.dll -> %System32%\nvrssk.dll -> NVIDIA Corporation [Ver = 6.14.10.5655 | Size = 147456 bytes | Created Date = 12/18/2006 9:03:30 PM | Attr = R ]
nvrssl.dll -> %System32%\nvrssl.dll -> NVIDIA Corporation [Ver = 6.14.10.5655 | Size = 155648 bytes | Created Date = 12/18/2006 9:03:31 PM | Attr = R ]
nvrssv.dll -> %System32%\nvrssv.dll -> NVIDIA Corporation [Ver = 6.14.10.5655 | Size = 147456 bytes | Created Date = 12/18/2006 9:03:31 PM | Attr = R ]
nvrstr.dll -> %System32%\nvrstr.dll -> NVIDIA Corporation [Ver = 6.14.10.5655 | Size = 151552 bytes | Created Date = 12/18/2006 9:03:32 PM | Attr = R ]
nvrszhc.dll -> %System32%\nvrszhc.dll -> NVIDIA Corporation [Ver = 6.14.10.5655 | Size = 147456 bytes | Created Date = 12/18/2006 9:03:33 PM | Attr = R ]
nvrszht.dll -> %System32%\nvrszht.dll -> NVIDIA Corporation [Ver = 6.14.10.5655 | Size = 73728 bytes | Created Date = 12/18/2006 9:03:33 PM | Attr = R ]
nvshell.dll -> %System32%\nvshell.dll -> NVIDIA Corporation [Ver = 6.14.10.5655 | Size = 454656 bytes | Created Date = 12/18/2006 9:03:17 PM | Attr = R ]
nvsvc32.exe -> %System32%\nvsvc32.exe -> NVIDIA Corporation [Ver = 6.14.10.5655 | Size = 77824 bytes | Created Date = 12/18/2006 9:03:10 PM | Attr = R ]
nvtuicpl.cpl -> %System32%\nvtuicpl.cpl -> NVIDIA Corporation [Ver = 6.14.10.5655 | Size = 73728 bytes | Created Date = 12/18/2006 9:03:17 PM | Attr = R ]
nvudisp.exe -> %System32%\nvudisp.exe -> NVIDIA Corporation [Ver = 1 , 0 , 0 , 53 | Size = 110592 bytes | Created Date = 12/18/2006 9:03:15 PM | Attr = ]
nvwddi.dll -> %System32%\nvwddi.dll -> NVIDIA Corporation [Ver = 6.14.10.5655 | Size = 35840 bytes | Created Date = 12/18/2006 9:03:14 PM | Attr = R ]
nvwdmcpl.dll -> %System32%\nvwdmcpl.dll -> NVIDIA Corporation [Ver = 6.14.10.5655 | Size = 1609728 bytes | Created Date = 12/18/2006 9:03:14 PM | Attr = R ]
nvwimg.dll -> %System32%\nvwimg.dll -> NVIDIA Corporation [Ver = 6.14.10.5655 | Size = 1019904 bytes | Created Date = 12/18/2006 9:03:17 PM | Attr = R ]
nvwrsar.dll -> %System32%\nvwrsar.dll -> NVIDIA Corporation [Ver = 6.14.10.5655 | Size = 233472 bytes | Created Date = 12/18/2006 9:03:18 PM | Attr = R ]
nvwrscs.dll -> %System32%\nvwrscs.dll -> NVIDIA Corporation [Ver = 6.14.10.5655 | Size = 233472 bytes | Created Date = 12/18/2006 9:03:18 PM | Attr = R ]
nvwrsda.dll -> %System32%\nvwrsda.dll -> NVIDIA Corporation [Ver = 6.14.10.5655 | Size = 245760 bytes | Created Date = 12/18/2006 9:03:19 PM | Attr = R ]
nvwrsde.dll -> %System32%\nvwrsde.dll -> NVIDIA Corporation [Ver = 6.14.10.5655 | Size = 253952 bytes | Created Date = 12/18/2006 9:03:19 PM | Attr = R ]
nvwrsel.dll -> %System32%\nvwrsel.dll -> NVIDIA Corporation [Ver = 6.14.10.5655 | Size = 278528 bytes | Created Date = 12/18/2006 9:03:20 PM | Attr = R ]
nvwrseng.dll -> %System32%\nvwrseng.dll -> NVIDIA Corporation [Ver = 6.14.10.5655 | Size = 237568 bytes | Created Date = 12/18/2006 9:03:21 PM | Attr = R ]
nvwrses.dll -> %System32%\nvwrses.dll -> NVIDIA Corporation [Ver = 6.14.10.5655 | Size = 278528 bytes | Created Date = 12/18/2006 9:03:21 PM | Attr = R ]
nvwrsesm.dll -> %System32%\nvwrsesm.dll -> NVIDIA Corporation [Ver = 6.14.10.5655 | Size = 270336 bytes | Created Date = 12/18/2006 9:03:22 PM | Attr = R ]
nvwrsfi.dll -> %System32%\nvwrsfi.dll -> NVIDIA Corporation [Ver = 6.14.10.5655 | Size = 249856 bytes | Created Date = 12/18/2006 9:03:22 PM | Attr = R ]
nvwrsfr.dll -> %System32%\nvwrsfr.dll -> NVIDIA Corporation [Ver = 6.14.10.5655 | Size = 270336 bytes | Created Date = 12/18/2006 9:03:23 PM | Attr = R ]
nvwrshe.dll -> %System32%\nvwrshe.dll -> NVIDIA Corporation [Ver = 6.14.10.5655 | Size = 229376 bytes | Created Date = 12/18/2006 9:03:24 PM | Attr = R ]
nvwrshu.dll -> %System32%\nvwrshu.dll -> NVIDIA Corporation [Ver = 6.14.10.5655 | Size = 262144 bytes | Created Date = 12/18/2006 9:03:24 PM | Attr = R ]
nvwrsit.dll -> %System32%\nvwrsit.dll -> NVIDIA Corporation [Ver = 6.14.10.5655 | Size = 270336 bytes | Created Date = 12/18/2006 9:03:25 PM | Attr = R ]
nvwrsja.dll -> %System32%\nvwrsja.dll -> NVIDIA Corporation [Ver = 6.14.10.5655 | Size = 176128 bytes | Created Date = 12/18/2006 9:03:25 PM | Attr = R ]
nvwrsko.dll -> %System32%\nvwrsko.dll -> NVIDIA Corporation [Ver = 6.14.10.5655 | Size = 163840 bytes | Created Date = 12/18/2006 9:03:26 PM | Attr = R ]
nvwrsnl.dll -> %System32%\nvwrsnl.dll -> NVIDIA Corporation [Ver = 6.14.10.5655 | Size = 262144 bytes | Created Date = 12/18/2006 9:03:27 PM | Attr = R ]
nvwrsno.dll -> %System32%\nvwrsno.dll -> NVIDIA Corporation [Ver = 6.14.10.5655 | Size = 249856 bytes | Created Date = 12/18/2006 9:03:27 PM | Attr = R ]
nvwrspl.dll -> %System32%\nvwrspl.dll -> NVIDIA Corporation [Ver = 6.14.10.5655 | Size = 245760 bytes | Created Date = 12/18/2006 9:03:28 PM | Attr = R ]
nvwrspt.dll -> %System32%\nvwrspt.dll -> NVIDIA Corporation [Ver = 6.14.10.5655 | Size = 270336 bytes | Created Date = 12/18/2006 9:03:29 PM | Attr = R ]
nvwrsptb.dll -> %System32%\nvwrsptb.dll -> NVIDIA Corporation [Ver = 6.14.10.5655 | Size = 266240 bytes | Created Date = 12/18/2006 9:03:29 PM | Attr = R ]
nvwrsru.dll -> %System32%\nvwrsru.dll -> NVIDIA Corporation [Ver = 6.14.10.5655 | Size = 262144 bytes | Created Date = 12/18/2006 9:03:30 PM | Attr = R ]
nvwrssk.dll -> %System32%\nvwrssk.dll -> NVIDIA Corporation [Ver = 6.14.10.5655 | Size = 245760 bytes | Created Date = 12/18/2006 9:03:30 PM | Attr = R ]
nvwrssl.dll -> %System32%\nvwrssl.dll -> NVIDIA Corporation [Ver = 6.14.10.5655 | Size = 249856 bytes | Created Date = 12/18/2006 9:03:31 PM | Attr = R ]
nvwrssv.dll -> %System32%\nvwrssv.dll -> NVIDIA Corporation [Ver = 6.14.10.5655 | Size = 245760 bytes | Created Date = 12/18/2006 9:03:32 PM | Attr = R ]
nvwrstr.dll -> %System32%\nvwrstr.dll -> NVIDIA Corporation [Ver = 6.14.10.5655 | Size = 249856 bytes | Created Date = 12/18/2006 9:03:32 PM | Attr = R ]
nvwrszhc.dll -> %System32%\nvwrszhc.dll -> NVIDIA Corporation [Ver = 6.14.10.5655 | Size = 135168 bytes | Created Date = 12/18/2006 9:03:33 PM | Attr = R ]
nvwrszht.dll -> %System32%\nvwrszht.dll -> NVIDIA Corporation [Ver = 6.14.10.5655 | Size = 139264 bytes | Created Date = 12/18/2006 9:03:34 PM | Attr = R ]
nwc.cpl.manifest -> %System32%\nwc.cpl.manifest -> [Ver = | Size = 749 bytes | Created Date = 12/18/2006 2:38:47 PM | Attr = RH ]
nwiz.exe -> %System32%\nwiz.exe -> NVIDIA Corporation [Ver = 6.14.10.5655 | Size = 782336 bytes | Created Date = 12/18/2006 9:03:17 PM | Attr = R ]
PerfStringBackup.INI -> %System32%\PerfStringBackup.INI -> [Ver = | Size = 355086 bytes | Created Date = 12/18/2006 2:25:53 PM | Attr = ]
psisdecd.dll -> %System32%\psisdecd.dll -> [Ver = | Size = 363520 bytes | Created Date = 12/18/2006 9:04:08 PM | Attr = ]
psisrndr.ax -> %System32%\psisrndr.ax -> [Ver = | Size = 33280 bytes | Created Date = 12/18/2006 9:04:08 PM | Attr = ]
qcap.dll -> %System32%\qcap.dll -> [Ver = | Size = 192512 bytes | Created Date = 12/18/2006 9:04:06 PM | Attr = ]
qdv.dll -> %System32%\qdv.dll -> [Ver = | Size = 279040 bytes | Created Date = 12/18/2006 9:04:06 PM | Attr = ]
qdvd.dll -> %System32%\qdvd.dll -> [Ver = | Size = 385024 bytes | Created Date = 12/18/2006 9:04:06 PM | Attr = ]
qedit.dll -> %System32%\qedit.dll -> [Ver = | Size = 562176 bytes | Created Date = 12/18/2006 9:04:06 PM | Attr = ]
qedwipes.dll -> %System32%\qedwipes.dll -> [Ver = | Size = 733696 bytes | Created Date = 12/18/2006 9:04:06 PM | Attr = ]
quartz.dll -> %System32%\quartz.dll -> [Ver = | Size = 1287168 bytes | Created Date = 12/18/2006 9:04:06 PM | Attr = ]
sapi.cpl.manifest -> %System32%\sapi.cpl.manifest -> [Ver = | Size = 749 bytes | Created Date = 12/18/2006 2:38:47 PM | Attr = RH ]
secupd.dat -> %System32%\secupd.dat -> [Ver = | Size = 4569 bytes | Created Date = 12/19/2006 6:22:49 PM | Attr = ]
secupd.sig -> %System32%\secupd.sig -> [Ver = | Size = 7208 bytes | Created Date = 12/19/2006 6:22:49 PM | Attr = ]
shiftjis.uce -> %System32%\shiftjis.uce -> [Ver = | Size = 16740 bytes | Created Date = 12/18/2006 2:35:24 PM | Attr = ]
spupdsvc.inf -> %System32%\spupdsvc.inf -> [Ver = | Size = 230 bytes | Created Date = 1/3/2007 9:18:58 PM | Attr = ]
spxcoins.dll -> %System32%\spxcoins.dll -> Perle Systems Ltd. [Ver = 1.0.0.0007 | Size = 24661 bytes | Created Date = 12/18/2006 2:25:35 PM | Attr = ]
ssldivx.dll -> %System32%\ssldivx.dll -> The OpenSSL Project, http://www.openssl.org/ [Ver = 0.9.8b | Size = 200704 bytes | Created Date = 12/19/2006 11:20:31 PM | Attr = ]
subrange.uce -> %System32%\subrange.uce -> [Ver = | Size = 93702 bytes | Created Date = 12/18/2006 2:35:24 PM | Attr = ]
tslabels.h -> %System32%\tslabels.h -> [Ver = | Size = 3286 bytes | Created Date = 12/18/2006 2:35:19 PM | Attr = ]
tslabels.ini -> %System32%\tslabels.ini -> [Ver = | Size = 13223 bytes | Created Date = 12/18/2006 2:35:19 PM | Attr = ]
usbpadcp.dll -> %System32%\usbpadcp.dll -> [Ver = | Size = 851968 bytes | Created Date = 12/26/2006 12:30:31 AM | Attr = R ]
usbpadff.dll -> %System32%\usbpadff.dll -> SAD [Ver = 1.0.0.0 | Size = 49206 bytes | Created Date = 12/26/2006 12:30:31 AM | Attr = R ]
usrlogon.cmd -> %System32%\usrlogon.cmd -> [Ver = | Size = 1161 bytes | Created Date = 12/18/2006 2:35:19 PM | Attr = ]
vsconfig.xml -> %System32%\vsconfig.xml -> [Ver = | Size = 31762 bytes | Created Date = 12/18/2006 9:08:40 PM | Attr = H ]
vsdata.dll -> %System32%\vsdata.dll -> Zone Labs, LLC [Ver = 6.0.631.002 | Size = 83728 bytes | Created Date = 12/18/2006 9:07:18 PM | Attr = ]
vsdatant.sys -> %System32%\vsdatant.sys -> Zone Labs, LLC [Ver = 6.0.631.002 | Size = 366736 bytes | Created Date = 12/18/2006 9:08:42 PM | Attr = ]
vsinit.dll -> %System32%\vsinit.dll -> Zone Labs, LLC [Ver = 6.0.631.002 | Size = 141072 bytes | Created Date = 12/18/2006 9:07:18 PM | Attr = ]
vsmonapi.dll -> %System32%\vsmonapi.dll -> Zone Labs, LLC [Ver = 6.0.631.002 | Size = 104208 bytes | Created Date = 12/18/2006 9:08:42 PM | Attr = ]
vspubapi.dll -> %System32%\vspubapi.dll -> Zone Labs, LLC [Ver = 6.0.631.002 | Size = 227088 bytes | Created Date = 12/18/2006 9:08:42 PM | Attr = ]
vsregexp.dll -> %System32%\vsregexp.dll -> Zone Labs, LLC [Ver = 6.0.631.002 | Size = 71440 bytes | Created Date = 12/18/2006 9:08:46 PM | Attr = ]
vsutil.dll -> %System32%\vsutil.dll -> Zone Labs, LLC [Ver = 6.0.631.002 | Size = 382736 bytes | Created Date = 12/18/2006 9:07:18 PM | Attr = ]
vsxml.dll -> %System32%\vsxml.dll -> Zone Labs, LLC [Ver = 6.0.631.002 | Size = 100112 bytes | Created Date = 12/18/2006 9:08:42 PM | Attr = ]
WindowsLogon.manifest -> %System32%\WindowsLogon.manifest -> [Ver = | Size = 488 bytes | Created Date = 12/18/2006 2:38:55 PM | Attr = RH ]
wmimgmt.msc -> %System32%\wmimgmt.msc -> [Ver = | Size = 63488 bytes | Created Date = 12/18/2006 2:35:03 PM | Attr = ]
wmpscheme.xml -> %System32%\wmpscheme.xml -> [Ver = | Size = 25065 bytes | Created Date = 12/18/2006 2:40:25 PM | Attr = ]
wuaucpl.cpl.manifest -> %System32%\wuaucpl.cpl.manifest -> [Ver = | Size = 749 bytes | Created Date = 12/18/2006 2:38:47 PM | Attr = RH ]
zlcomm.dll -> %System32%\zlcomm.dll -> Zone Labs, LLC [Ver = 6.0.631.002 | Size = 79632 bytes | Created Date = 12/18/2006 9:08:46 PM | Attr = ]
zlcommdb.dll -> %System32%\zlcommdb.dll -> Zone Labs, LLC [Ver = 6.0.631.002 | Size = 71440 bytes | Created Date = 12/18/2006 9:08:46 PM | Attr = ]
zllictbl.dat -> %System32%\zllictbl.dat -> [Ver = | Size = 4212 bytes | Created Date = 12/18/2006 9:09:00 PM | Attr = H ]
a3d.dll -> %System32%\dllcache\a3d.dll -> Sensaura Ltd [Ver = 4.12.01.2008a | Size = 712704 bytes | Created Date = 12/18/2006 2:53:44 PM | Attr = ]
apphelp.sdb -> %System32%\dllcache\apphelp.sdb -> [Ver = | Size = 217118 bytes | Created Date = 12/19/2006 6:51:40 PM | Attr = ]
apph_sp.sdb -> %System32%\dllcache\apph_sp.sdb -> [Ver = | Size = 764868 bytes | Created Date = 12/19/2006 6:51:40 PM | Attr = ]
cap7146.sys -> %System32%\dllcache\cap7146.sys -> Philips Semiconductors GmbH [Ver = 1.00 (XPClient.010817-1148) | Size = 54528 bytes | Created Date = 12/18/2006 2:41:01 PM | Attr = ]
chtskf.dll -> %System32%\dllcache\chtskf.dll -> [Ver = | Size = 173568 bytes | Created Date = 12/18/2006 2:41:04 PM | Attr = ]
dgrpsetu.dll -> %System32%\dllcache\dgrpsetu.dll -> Digi International, Inc. [Ver = 2.3.7 | Size = 176157 bytes | Created Date = 12/18/2006 2:25:35 PM | Attr = ]
dgsetup.dll -> %System32%\dllcache\dgsetup.dll -> Digi International [Ver = v3.7.3.0 | Size = 85020 bytes | Created Date = 12/18/2006 2:25:35 PM | Attr = ]
eqnclass.dll -> %System32%\dllcache\eqnclass.dll -> Equinox Systems Inc. [Ver = 5.0u(58) | Size = 103424 bytes | Created Date = 12/18/2006 2:25:34 PM | Attr = ]
esucmd.dll -> %System32%\dllcache\esucmd.dll -> SEIKO EPSON CORP. [Ver = 1.00 | Size = 31744 bytes | Created Date = 12/18/2006 2:41:13 PM | Attr = ]
esuimgd.dll -> %System32%\dllcache\esuimgd.dll -> SEIKO EPSON CORP. [Ver = 1.00 | Size = 57856 bytes | Created Date = 12/18/2006 2:41:13 PM | Attr = ]
esunid.dll -> %System32%\dllcache\esunid.dll -> SEIKO EPSON CORP. [Ver = 1.00 | Size = 45056 bytes | Created Date = 12/18/2006 2:41:13 PM | Attr = ]
hanja.lex -> %System32%\dllcache\hanja.lex -> [Ver = | Size = 108827 bytes | Created Date = 12/18/2006 2:41:20 PM | Attr = ]
HPCRDP.CAT -> %System32%\dllcache\HPCRDP.CAT -> [Ver = | Size = 13472 bytes | Created Date = 12/18/2006 2:25:20 PM | Attr = ]
htrn_jis.dll -> %System32%\dllcache\htrn_jis.dll -> Hilgraeve, Inc. [Ver = 5.1.2600.0 | Size = 13312 bytes | Created Date = 12/18/2006 2:35:32 PM | Attr = ]
hwxjpn.dll -> %System32%\dllcache\hwxjpn.dll -> [Ver = | Size = 13463552 bytes | Created Date = 12/18/2006 2:41:25 PM | Attr = ]
IASNT4.CAT -> %System32%\dllcache\IASNT4.CAT -> [Ver = | Size = 8574 bytes | Created Date = 12/18/2006 2:25:20 PM | Attr = ]
imekr.lex -> %System32%\dllcache\imekr.lex -> [Ver = | Size = 134339 bytes | Created Date = 12/18/2006 2:41:36 PM | Attr = ]
imjpinst.exe -> %System32%\dllcache\imjpinst.exe -> [Ver = | Size = 196665 bytes | Created Date = 12/18/2006 2:41:38 PM | Attr = ]
imscinst.exe -> %System32%\dllcache\imscinst.exe -> [Ver = | Size = 59392 bytes | Created Date = 12/18/2006 2:41:39 PM | Attr = ]
korwbrkr.lex -> %System32%\dllcache\korwbrkr.lex -> [Ver = | Size = 1158818 bytes | Created Date = 12/18/2006 2:41:49 PM | Attr = ]
ltts1033.lxa -> %System32%\dllcache\ltts1033.lxa -> [Ver = | Size = 643717 bytes | Created Date = 12/18/2006 2:25:49 PM | Attr = ]
MAPIMIG.CAT -> %System32%\dllcache\MAPIMIG.CAT -> [Ver = | Size = 399645 bytes | Created Date = 12/18/2006 2:25:20 PM | Attr = ]
MW770.CAT -> %System32%\dllcache\MW770.CAT -> [Ver = | Size = 37484 bytes | Created Date = 12/18/2006 2:25:20 PM | Attr = ]
nls302en.lex -> %System32%\dllcache\nls302en.lex -> [Ver = | Size = 4399505 bytes | Created Date = 12/18/2006 2:38:26 PM | Attr = ]
NT5IIS.CAT -> %System32%\dllcache\NT5IIS.CAT -> [Ver = | Size = 797189 bytes | Created Date = 12/18/2006 2:25:19 PM | Attr = ]
OEMBIOS.CAT -> %System32%\dllcache\OEMBIOS.CAT -> [Ver = | Size = 7046 bytes | Created Date = 12/18/2006 2:25:20 PM | Attr = ]
pintlcsa.dll -> %System32%\dllcache\pintlcsa.dll -> [Ver = | Size = 175104 bytes | Created Date = 12/18/2006 2:42:09 PM | Attr = ]
r1033tts.lxa -> %System32%\dllcache\r1033tts.lxa -> [Ver = | Size = 605050 bytes | Created Date = 12/18/2006 2:25:50 PM | Attr = ]
rw330ext.dll -> %System32%\dllcache\rw330ext.dll -> Ricoh Co., Ltd. [Ver = 5, 0, 2419, 1 | Size = 26624 bytes | Created Date = 12/18/2006 2:42:16 PM | Attr = ]
rwia001.dll -> %System32%\dllcache\rwia001.dll -> Ricoh Co., Ltd. [Ver = 5, 0, 2419, 1 | Size = 79872 bytes | Created Date = 12/18/2006 2:42:16 PM | Attr = ]
rwia330.dll -> %System32%\dllcache\rwia330.dll -> Ricoh Co., Ltd. [Ver = 5, 0, 2419, 1 | Size = 79872 bytes | Created Date = 12/18/2006 2:42:17 PM | Attr = ]
sam.sdf -> %System32%\dllcache\sam.sdf -> [Ver = | Size = 888 bytes | Created Date = 12/18/2006 2:25:50 PM | Attr = ]
sam.spd -> %System32%\dllcache\sam.spd -> [Ver = | Size = 1685606 bytes | Created Date = 12/18/2006 2:25:50 PM | Attr = ]
spxcoins.dll -> %System32%\dllcache\spxcoins.dll -> Perle Systems Ltd. [Ver = 1.0.0.0007 | Size = 24661 bytes | Created Date = 12/18/2006 2:25:35 PM | Attr = ]
srframe.mmf -> %System32%\dllcache\srframe.mmf -> [Ver = | Size = 984 bytes | Created Date = 12/18/2006 2:37:31 PM | Attr = ]
sysmain.sdb -> %System32%\dllcache\sysmain.sdb -> [Ver = | Size = 1197294 bytes | Created Date = 12/19/2006 6:51:39 PM | Attr = ]
AvgAsCln.sys -> %System32%\drivers\AvgAsCln.sys -> GRISOFT, s.r.o. [Ver = 1.0.0.14 | Size = 3968 bytes | Created Date = 1/3/2007 10:17:09 PM | Attr = ]
cmaudio.sys -> %System32%\drivers\cmaudio.sys -> C-Media Inc [Ver = 5.12.01.0639 | Size = 379726 bytes | Created Date = 12/18/2006 2:53:43 PM | Attr = ]
CTXH51.sys -> %System32%\drivers\CTXH51.sys -> Intel Corporation [Ver = 4.12 | Size = 454815 bytes | Created Date = 12/18/2006 2:52:53 PM | Attr = R ]
dump_wmimmc.sys -> %System32%\drivers\dump_wmimmc.sys -> [Ver = | Size = 111227 bytes | Created Date = 1/6/2007 4:02:29 PM | Attr = ]
fidbox.dat -> %System32%\drivers\fidbox.dat -> [Ver = | Size = 1969440 bytes | Created Date = 1/1/1601 | Attr = HS]
fidbox.idx -> %System32%\drivers\fidbox.idx -> [Ver = | Size = 31556 bytes | Created Date = 1/1/1601 | Attr = HS]
fidbox2.dat -> %System32%\drivers\fidbox2.dat -> [Ver = | Size = 52256 bytes | Created Date = 1/1/1601 | Attr = HS]
fidbox2.idx -> %System32%\drivers\fidbox2.idx -> [Ver = | Size = 6968 bytes | Created Date = 1/1/1601 | Attr = HS]
ggsemc.sys -> %System32%\drivers\ggsemc.sys -> Sony Ericsson Mobile Communications [Ver = 1.0.0.5 | Size = 8704 bytes | Created Date = 1/1/2007 1:58:22 AM | Attr = ]
klif.sys -> %System32%\drivers\klif.sys -> Kaspersky Lab [Ver = 6.12.10.207 | Size = 162064 bytes | Created Date = 1/3/2007 10:28:41 PM | Attr = ]
nv4_mini.sys -> %System32%\drivers\nv4_mini.sys -> NVIDIA Corporation [Ver = 6.14.10.5655 | Size = 1880320 bytes | Created Date = 12/18/2006 9:03:09 PM | Attr = R ]
rtl8139.sys -> %System32%\drivers\rtl8139.sys -> Realtek Semiconductor Corporation [Ver = 5.398.613.2003 built by: WinDDK | Size = 20992 bytes | Created Date = 12/18/2006 2:32:02 PM | Attr = ]
sptd.sys -> %System32%\drivers\sptd.sys -> [Ver = | Size = 639224 bytes | Created Date = 1/1/1601 | Attr = ]
tmcomm.sys -> %System32%\drivers\tmcomm.sys -> Trend Micro Inc. [Ver = 1.5.0.1052 | Size = 76560 bytes | Created Date = 1/3/2007 9:46:54 PM | Attr = ]

[Files - Modified Wihin 30 days]
AUTOEXEC.BAT -> %SystemDrive%\AUTOEXEC.BAT -> [Ver = | Size = 0 bytes | Modified Date = 12/18/2006 2:40:30 PM | Attr = ]
boot.ini -> %SystemDrive%\boot.ini -> [Ver = | Size = 211 bytes | Modified Date = 1/3/2007 11:22:14 PM | Attr = RHS]
CONFIG.SYS -> %SystemDrive%\CONFIG.SYS -> [Ver = | Size = 0 bytes | Modified Date = 12/18/2006 2:40:30 PM | Attr = ]
IO.SYS -> %SystemDrive%\IO.SYS -> [Ver = | Size = 0 bytes | Modified Date = 12/18/2006 2:40:30 PM | Attr = RHS]
MSDOS.SYS -> %SystemDrive%\MSDOS.SYS -> [Ver = | Size = 0 bytes | Modified Date = 12/18/2006 2:40:30 PM | Attr = RHS]
NTDETECT.COM -> %SystemDrive%\NTDETECT.COM -> [Ver = | Size = 47564 bytes | Modified Date = 12/19/2006 6:31:18 PM | Attr = RHS]
ROLLBACK.DB -> %CommonProgramFiles%\Ahead\Lib\ROLLBACK.DB -> [Ver = | Size = 387072 bytes | Modified Date = 12/20/2006 12:46:44 PM | Attr = ]
iGdi.dll -> %CommonProgramFiles%\InstallShield\Professional\RunTime\0701\Intel32\iGdi.dll -> InstallShield Software Corporation [Ver = 7, 01, 100, 1234 | Size = 163972 bytes | Modified Date = 1/5/2007 7:33:36 PM | Attr = ]
setup.dll -> %CommonProgramFiles%\InstallShield\Professional\RunTime\0701\Intel32\setup.dll -> InstallShield Software Corporation [Ver = 7, 01, 100, 1248 | Size = 282756 bytes | Modified Date = 1/5/2007 7:33:36 PM | Attr = ]
bootstat.dat -> %SystemRoot%\bootstat.dat -> [Ver = | Size = 2048 bytes | Modified Date = 1/11/2007 12:43:00 PM | Attr = S]
control.ini -> %SystemRoot%\control.ini -> [Ver = | Size = 0 bytes | Modified Date = 12/18/2006 2:40:30 PM | Attr = ]
GunzLauncher.INI -> %SystemRoot%\GunzLauncher.INI -> [Ver = | Size = 50 bytes | Modified Date = 1/6/2007 4:22:08 PM | Attr = ]
imsins.BAK -> %SystemRoot%\imsins.BAK -> [Ver = | Size = 1355 bytes | Modified Date = 1/3/2007 9:19:36 PM | Attr = ]
iun6002.exe -> %SystemRoot%\iun6002.exe -> Indigo Rose Corporation [Ver = 6.0.1.4 | Size = 737280 bytes | Modified Date = 12/19/2006 1:03:54 PM | Attr = ]
mixerdef.ini -> %SystemRoot%\mixerdef.ini -> [Ver = | Size = 25 bytes | Modified Date = 1/5/2007 5:46:28 PM | Attr = ]
NeroDigital.ini -> %SystemRoot%\NeroDigital.ini -> [Ver = | Size = 69 bytes | Modified Date = 1/11/2007 12:35:48 PM | Attr = ]
nsreg.dat -> %SystemRoot%\nsreg.dat -> [Ver = | Size = 0 bytes | Modified Date = 1/1/2007 12:00:34 AM | Attr = ]
ODBC.INI -> %SystemRoot%\ODBC.INI -> [Ver = | Size = 376 bytes | Modified Date = 1/3/2007 1:16:32 PM | Attr = ]
ODBCINST.INI -> %SystemRoot%\ODBCINST.INI -> [Ver = | Size = 4161 bytes | Modified Date = 12/18/2006 2:40:16 PM | Attr = ]
REGLOCS.OLD -> %SystemRoot%\REGLOCS.OLD -> [Ver = | Size = 8192 bytes | Modified Date = 12/18/2006 2:43:52 PM | Attr = ]
setupapi.log.0.old -> %SystemRoot%\setupapi.log.0.old -> [Ver = | Size = 1036862 bytes | Modified Date = 12/19/2006 5:52:46 PM | Attr = ]
SYSTEM.INI -> %SystemRoot%\SYSTEM.INI -> [Ver = | Size = 246 bytes | Modified Date = 1/3/2007 11:22:14 PM | Attr = ]
tlknw1.ini -> %SystemRoot%\tlknw1.ini -> [Ver = | Size = 51 bytes | Modified Date = 1/6/2007 8:04:12 PM | Attr = ]
tlknw10.ini -> %SystemRoot%\tlknw10.ini -> [Ver = | Size = 51 bytes | Modified Date = 1/6/2007 9:30:56 PM | Attr = ]
tlknw14.ini -> %SystemRoot%\tlknw14.ini -> [Ver = | Size = 51 bytes | Modified Date = 1/6/2007 9:31:10 PM | Attr = ]
tlknw15.ini -> %SystemRoot%\tlknw15.ini -> [Ver = | Size = 48 bytes | Modified Date = 1/6/2007 9:31:32 PM | Attr = ]
tlknw16.ini -> %SystemRoot%\tlknw16.ini -> [Ver = | Size = 49 bytes | Modified Date = 1/6/2007 9:29:14 PM | Attr = ]

#6 tupat

tupat
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:07:41 PM

Posted 11 January 2007 - 08:15 AM

tlknw17.ini -> %SystemRoot%\tlknw17.ini -> [Ver = | Size = 48 bytes | Modified Date = 1/6/2007 8:28:40 PM | Attr = ]
tlknw18.ini -> %SystemRoot%\tlknw18.ini -> [Ver = | Size = 610 bytes | Modified Date = 1/7/2007 3:51:26 PM | Attr = ]
tlknw19.ini -> %SystemRoot%\tlknw19.ini -> [Ver = | Size = 608 bytes | Modified Date = 1/7/2007 3:50:42 PM | Attr = ]
tlknw20.ini -> %SystemRoot%\tlknw20.ini -> [Ver = | Size = 629 bytes | Modified Date = 1/7/2007 3:49:36 PM | Attr = ]
tlknw23.ini -> %SystemRoot%\tlknw23.ini -> [Ver = | Size = 614 bytes | Modified Date = 1/7/2007 3:52:06 PM | Attr = ]
tlknw28.ini -> %SystemRoot%\tlknw28.ini -> [Ver = | Size = 49 bytes | Modified Date = 1/6/2007 8:06:56 PM | Attr = ]
tlknw5.ini -> %SystemRoot%\tlknw5.ini -> [Ver = | Size = 51 bytes | Modified Date = 1/6/2007 9:30:34 PM | Attr = ]
tlknw8.ini -> %SystemRoot%\tlknw8.ini -> [Ver = | Size = 50 bytes | Modified Date = 1/6/2007 9:30:46 PM | Attr = ]
vb.ini -> %SystemRoot%\vb.ini -> [Ver = | Size = 36 bytes | Modified Date = 12/18/2006 2:36:48 PM | Attr = ]
vbaddin.ini -> %SystemRoot%\vbaddin.ini -> [Ver = | Size = 37 bytes | Modified Date = 12/18/2006 2:36:48 PM | Attr = ]
win.ini -> %SystemRoot%\win.ini -> [Ver = | Size = 533 bytes | Modified Date = 1/3/2007 11:22:14 PM | Attr = ]
WindowsShell.Manifest -> %SystemRoot%\WindowsShell.Manifest -> [Ver = | Size = 749 bytes | Modified Date = 12/18/2006 2:38:48 PM | Attr = RH ]
WMSysPr9.prx -> %SystemRoot%\WMSysPr9.prx -> [Ver = | Size = 316640 bytes | Modified Date = 12/19/2006 6:47:44 PM | Attr = ]
WMSysPrx.prx -> %SystemRoot%\WMSysPrx.prx -> [Ver = | Size = 299552 bytes | Modified Date = 12/18/2006 2:40:24 PM | Attr = ]
$winnt$.inf -> %System32%\$winnt$.inf -> [Ver = | Size = 302 bytes | Modified Date = 12/18/2006 2:43:02 PM | Attr = ]
amcompat.tlb -> %System32%\amcompat.tlb -> [Ver = | Size = 16832 bytes | Modified Date = 12/19/2006 6:51:10 PM | Attr = ]
BitCometRes.dll -> %System32%\BitCometRes.dll -> BitComet [Ver = 1, 0, 0, 1 | Size = 2560 bytes | Modified Date = 12/18/2006 10:07:04 PM | Attr = ]
cdplayer.exe.manifest -> %System32%\cdplayer.exe.manifest -> [Ver = | Size = 749 bytes | Modified Date = 12/18/2006 2:38:48 PM | Attr = RH ]
Chip.dll -> %System32%\Chip.dll -> [Ver = | Size = 34308 bytes | Modified Date = 12/19/2006 5:14:14 PM | Attr = ]
CONFIG.NT -> %System32%\CONFIG.NT -> [Ver = | Size = 2577 bytes | Modified Date = 12/18/2006 2:40:30 PM | Attr = ]
emptyregdb.dat -> %System32%\emptyregdb.dat -> [Ver = | Size = 21640 bytes | Modified Date = 12/18/2006 2:37:02 PM | Attr = ]
FNTCACHE.DAT -> %System32%\FNTCACHE.DAT -> [Ver = | Size = 189000 bytes | Modified Date = 1/7/2007 3:44:22 PM | Attr = ]
libdivx.dll -> %System32%\libdivx.dll -> The OpenSSL Project, http://www.openssl.org/ [Ver = 0.9.8b | Size = 1044480 bytes | Modified Date = 12/19/2006 11:20:32 PM | Attr = ]
logonui.exe.manifest -> %System32%\logonui.exe.manifest -> [Ver = | Size = 488 bytes | Modified Date = 12/18/2006 2:38:56 PM | Attr = RH ]
ncpa.cpl.manifest -> %System32%\ncpa.cpl.manifest -> [Ver = | Size = 749 bytes | Modified Date = 12/18/2006 2:38:48 PM | Attr = RH ]
nscompat.tlb -> %System32%\nscompat.tlb -> [Ver = | Size = 23392 bytes | Modified Date = 12/19/2006 6:51:10 PM | Attr = ]
nwc.cpl.manifest -> %System32%\nwc.cpl.manifest -> [Ver = | Size = 749 bytes | Modified Date = 12/18/2006 2:38:48 PM | Attr = RH ]
perfc009.dat -> %System32%\perfc009.dat -> [Ver = | Size = 39992 bytes | Modified Date = 1/5/2007 5:51:46 PM | Attr = ]
perfh009.dat -> %System32%\perfh009.dat -> [Ver = | Size = 311604 bytes | Modified Date = 1/5/2007 5:51:46 PM | Attr = ]
PerfStringBackup.INI -> %System32%\PerfStringBackup.INI -> [Ver = | Size = 355086 bytes | Modified Date = 1/5/2007 5:51:46 PM | Attr = ]
sapi.cpl.manifest -> %System32%\sapi.cpl.manifest -> [Ver = | Size = 749 bytes | Modified Date = 12/18/2006 2:38:48 PM | Attr = RH ]
spupdsvc.inf -> %System32%\spupdsvc.inf -> [Ver = | Size = 230 bytes | Modified Date = 1/3/2007 9:19:00 PM | Attr = ]
ssldivx.dll -> %System32%\ssldivx.dll -> The OpenSSL Project, http://www.openssl.org/ [Ver = 0.9.8b | Size = 200704 bytes | Modified Date = 12/19/2006 11:20:32 PM | Attr = ]
vsconfig.xml -> %System32%\vsconfig.xml -> [Ver = | Size = 31762 bytes | Modified Date = 1/11/2007 12:43:44 PM | Attr = H ]
WindowsLogon.manifest -> %System32%\WindowsLogon.manifest -> [Ver = | Size = 488 bytes | Modified Date = 12/18/2006 2:38:56 PM | Attr = RH ]
wmpscheme.xml -> %System32%\wmpscheme.xml -> [Ver = | Size = 25065 bytes | Modified Date = 12/18/2006 2:45:58 PM | Attr = ]
wpa.dbl -> %System32%\wpa.dbl -> [Ver = | Size = 2206 bytes | Modified Date = 1/3/2007 11:13:44 PM | Attr = ]
wuaucpl.cpl.manifest -> %System32%\wuaucpl.cpl.manifest -> [Ver = | Size = 749 bytes | Modified Date = 12/18/2006 2:38:48 PM | Attr = RH ]
zllictbl.dat -> %System32%\zllictbl.dat -> [Ver = | Size = 4212 bytes | Modified Date = 12/18/2006 9:10:32 PM | Attr = H ]
dump_wmimmc.sys -> %System32%\drivers\dump_wmimmc.sys -> [Ver = | Size = 111227 bytes | Modified Date = 1/6/2007 4:22:02 PM | Attr = ]
fidbox.dat -> %System32%\drivers\fidbox.dat -> [Ver = | Size = 1969440 bytes | Modified Date = 1/11/2007 12:51:32 PM | Attr = HS]
fidbox.idx -> %System32%\drivers\fidbox.idx -> [Ver = | Size = 31556 bytes | Modified Date = 1/11/2007 12:42:12 PM | Attr = HS]
fidbox2.dat -> %System32%\drivers\fidbox2.dat -> [Ver = | Size = 52256 bytes | Modified Date = 1/11/2007 12:50:54 PM | Attr = HS]
fidbox2.idx -> %System32%\drivers\fidbox2.idx -> [Ver = | Size = 6968 bytes | Modified Date = 1/11/2007 12:42:12 PM | Attr = HS]
ggsemc.sys -> %System32%\drivers\ggsemc.sys -> Sony Ericsson Mobile Communications [Ver = 1.0.0.5 | Size = 8704 bytes | Modified Date = 1/1/2007 1:58:22 AM | Attr = ]
klick.sys -> %System32%\drivers\klick.sys -> Kaspersky Lab [Ver = 2.0.0.348 | Size = 61584 bytes | Modified Date = 1/3/2007 10:46:04 PM | Attr = ]
klif.sys -> %System32%\drivers\klif.sys -> Kaspersky Lab [Ver = 6.12.10.207 | Size = 162064 bytes | Modified Date = 1/3/2007 10:46:04 PM | Attr = ]
klin.sys -> %System32%\drivers\klin.sys -> Kaspersky Lab [Ver = 2.0.0.333 | Size = 59536 bytes | Modified Date = 1/3/2007 10:46:04 PM | Attr = ]
sptd.sys -> %System32%\drivers\sptd.sys -> [Ver = | Size = 639224 bytes | Modified Date = 1/3/2007 1:09:04 PM | Attr = ]
tmcomm.sys -> %System32%\drivers\tmcomm.sys -> Trend Micro Inc. [Ver = 1.5.0.1052 | Size = 76560 bytes | Modified Date = 1/3/2007 9:43:18 PM | Attr = ]

[File String Scan - Non-Microsoft Only]
UPX! , UPX0 , -> %SystemDrive%\HijackThis.exe -> Soeperman Enterprises Ltd. [Ver = 1.99.0001 | Size = 218112 bytes | Modified Date = 2/16/2005 11:06:16 AM | Attr = ]
Umonitor , -> %CommonProgramFiles%\Ahead\Lib\ROLLBACK.DB -> [Ver = | Size = 387072 bytes | Modified Date = 12/20/2006 12:46:44 PM | Attr = ]
Thawte Consulting , -> %CommonProgramFiles%\Java\Update\Base Images\jre1.5.0.b64\core3.zip -> [Ver = | Size = 3290841 bytes | Modified Date = 4/13/2005 4:22:10 AM | Attr = ]
PEC2 , -> %System32%\dfrg.msc -> [Ver = | Size = 41397 bytes | Modified Date = 8/18/2001 12:00:00 PM | Attr = ]
winsync , -> %System32%\wbdbase.deu -> [Ver = | Size = 1309184 bytes | Modified Date = 8/18/2001 12:00:00 PM | Attr = ]
WSUD , UPX0 , -> %System32%\dllcache\hwxjpn.dll -> [Ver = | Size = 13463552 bytes | Modified Date = 8/18/2001 12:00:00 PM | Attr = ]
PTech , -> %System32%\drivers\mtlstrm.sys -> Smart Link [Ver = 3.80.01MC15 | Size = 1309184 bytes | Modified Date = 8/4/2004 5:41:38 AM | Attr = ]

< End of report >

#7 OldTimer

OldTimer

    Malware Expert


  • Members
  • 11,092 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:North Carolina
  • Local time:08:41 PM

Posted 11 January 2007 - 03:40 PM

Hi tupat. The WinPFind3 log looks fine. No problems there.

I think the issue might be related to the fact that there is less than 5% free space on the C: drive. Since this drive holds the operating system and the paging file it is recommended that at least 25% be kept free. If the system needs to increase the paging file and there is no space then it can cause memory issues.

I would recommend taking what can be moved and moving it to the D: drive. The other options would be deleting what can be deleted from the C: drive or getting a larger drive.

Cheers.

OT
I do not respond to PM's requesting help. That's what the forums are here for. Please use them so that others may benefit from your questions and the responses you receive.
OldTimer

Posted Image




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users